Deleted DNs in attribute fields

Let’s say an object in AD has an attribute that references another object by DN. When the targeted object is deleted, the attribute value changes to a DN in the Deleted Objects CN, like:

CN=nameADEL:ff920d6f-d823-4fff-9448-b645bd40d5e2,CN=Deleted Objects,DC=child,DC=ROOTDOMAIN,DC=LOCAL

Now when we try to clone that object to create a new object (for example, a user copy), the AD Users and Computers (AD U&C) MMC could throw an exception saying: "The naming context could not be found." This is because an LDAP client cannot retrieve the Deleted Objects CN unless the LDAP control 1.2.840.113556.1.4.417 is set. The naming context (and therefore the object) cannot be found, so the reference cannot be copied to the new object and the copy fails (at least on 2003 DCs).
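A pre-clone check for the situation described above, as an added example that is not part of the original post: it parses an object's DN-valued attributes and flags any that point into `CN=Deleted Objects`, which a client can only resolve when it sends control 1.2.840.113556.1.4.417. The function names and the sample entry are constructed for illustration; the optional `\0A` before `DEL:` is how AD normally escapes the deleted RDN in string form.

```python
import re

SHOW_DELETED_OID = "1.2.840.113556.1.4.417"  # control named in the text above

# Deleted RDN value: old name, optional escaped newline (\0A), "DEL:", object GUID
_DEL_RDN = re.compile(r"^(?P<name>.*?)(?:\\0A)?DEL:(?P<guid>[0-9a-fA-F]{8}"
                      r"(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12})$")

def split_dn(dn):
    """Split a DN into RDNs on commas that are not backslash-escaped."""
    parts, cur, i = [], [], 0
    while i < len(dn):
        step = 2 if dn[i] == "\\" and i + 1 < len(dn) else 1
        if step == 1 and dn[i] == ",":
            parts.append("".join(cur).strip())
            cur = []
        else:
            cur.append(dn[i:i + step])  # escape pairs stay intact
        i += step
    parts.append("".join(cur).strip())
    return parts

def parse_deleted_dn(dn):
    """Return name, GUID and naming context if dn is inside Deleted Objects."""
    rdns = split_dn(dn)
    if len(rdns) < 3 or rdns[1].lower() != "cn=deleted objects":
        return None
    match = _DEL_RDN.match(rdns[0].partition("=")[2])
    if not match:
        return None
    return {"name": match.group("name"), "guid": match.group("guid").lower(),
            "naming_context": ",".join(rdns[2:]),
            "resolve_with_control": SHOW_DELETED_OID}

def stale_references(entry):
    """Map attribute name -> parsed deleted references found in its values."""
    found = {}
    for attr, values in entry.items():
        hits = [p for p in map(parse_deleted_dn, values) if p]
        if hits:
            found[attr] = hits
    return found

# Constructed sample entry (not real directory data)
SAMPLE_ENTRY = {
    "manager": [r"CN=Jane Doe\0ADEL:ff920d6f-d823-4fff-9448-b645bd40d5e2,"
                r"CN=Deleted Objects,DC=child,DC=ROOTDOMAIN,DC=LOCAL"],
    "memberOf": [r"CN=Ops\, Tier1,OU=Groups,DC=child,DC=ROOTDOMAIN,DC=LOCAL"],
}
```

Attributes returned by `stale_references` are the ones to clear or repoint on the source object before copying it.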
