If an Active Directory server was add/replaced with a new one (with the same name), the usnNumber (AD replication tracking) numbers will be reset and ID sync will report changes out of sync
To clean the idsync database

First stop the ID Sync demon

/etc/init.d/isw stop

Then Stop IMQ broker

/etc/init.d/imq stop

Make sure its stoped
ps -ef |egrep “imq|isw”

cd /var/opt/SUNWisw/persist/ADP101/oc/
rm ./__db*

cd data/
rm wpsyncdb.dat

cd logs/
rm log.0000000016

reStart IMQ broker

/etc/init.d/imq start

Start ID Sync

/etc/init.d/isw start

Reinitialize the id sync database

/opt/SUNWisw/bin/idsync resync -D "cn=manager" -w [password] -s dc=domain,dc=com -q [config password] -o Windows -u

/opt/SUNWisw/bin/idsync resync -D "cn=manager" -w [password]  -s dc=domain,dc=com -q [config password]

