Tech or Treat! Write an article about your scariest tech disaster to win gadgets!Learn more

x
?
Solved

The directory service was unable to allocate a relative identifier

Posted on 2003-11-11
12
Medium Priority
?
14,348 Views
Last Modified: 2010-09-09
I took complete backup (1st option "Backup every thing in my computer) of my Active Directory Server (windows 2000), using 'NTBACKUP'.
In fact I've 2 AD servers (windows 2000) in my production network. But all the 5 roles exists in the 1st AD server (which I took the backup for) and it is a 'Global catalog' server as well. Infact both the servers are 'Global catalog' servers.
Now I'm trying to restore the 1st AD server with a fresh OS installation. After installing Windows 2000, I've not configure any network settings or any other thing.
Restart the server in 'Directory Services Restore Mode'.
Run the 'NTBACKUP' utility.
Drive the 'Restore Wizard'. Import the backup file (to be restored)
In the advance options, 1st option was 'How to Restore'. I select the last option 'Always replace the file on disk'.
In the next screen (regarding the security), I select the 1st check box (Restore security)
and the 3rd check box (Restore junction points, not the folders and file data they reference)

After the restore was completed, I've restarted te machine.
Now I can logon as an administrator normally. I can create, delete and move OUs.
But when I try to create a user account, I got this error message

" Windows cannot create the object because the Directory Service was unable to allocate a relative identifier. "

receive the following event message in the NT Directory Service (NTDS) event log:
Event 16650
MessageId=0x410A
SymbolicName=SAMMSG_RID_INIT_FAILURE
Language=English
The account-identifier allocator failed to initialize properly. The record data contains the NT error code that caused the failure. Windows 2000 may retry the initialization until it succeeds; until that time, account creation will be denied on this Domain Controller. Please look for other SAM event logs that may indicate the exact reason for the failure.

Thats all about it. Any idea whats going wrong in there ?




0
Comment
Question by:adeelminhaj
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 85

Accepted Solution

by:
oBdA earned 500 total points
ID: 9729568
Those should help:
Error Message: The Account-Identifier Allocator Failed to Initialize Properly
http://support.microsoft.com/?kbid=248410

Error Message: "Windows Cannot Create the Object Because the Directory Service Was Unable to Allocate a Relative Identifier"
http://support.microsoft.com/?kbid=822053
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9731871
Take a look here.

http://support.microsoft.com/default.aspx?scid=kb;EN-US;223787

You might be able to work around the issue and force the AD#2 into the FSMO role. I would delegate all 5 operations over to it, and then try to force replication. That might fix your problem.

I got the link from oBdA's first KB link, so I can't take credit! 8-)
0
 

Author Comment

by:adeelminhaj
ID: 9736759
oBda / Casca1 :

Thanx alot for all those KB links, those were quite useful but I've not found my senerio there.

Since I took it off-line from production network and put it in a temporary network, in such a scenerio now I've only one AD server.

Now what should I do after the restoration to rectify the problem ?
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 6

Expert Comment

by:Casca1
ID: 9736867
I would attempt an authoratative restore.
0
 

Author Comment

by:adeelminhaj
ID: 9894787
Guys, as I've mentioned I've 2 AD servers in my production network. To restore the target server, I put it on a separate network (non-production), as recommended in Kbase documents.

So right after the restore, when I restarts the server and try to create a new user account, it starts replication with its companion server to allocate a relative identifier, there it fails to replicate because its not in the production network. I guess this was the root cause of my problem.

When I restored both the servers off the production network, it works fine.
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9896746
Huh; The KB article says to restore OFFLINE??? wild. Even though you have put it on a seperate subnet, it is considered offline because it's not in the production environment. An authoratative restore is sorta like that... But only sorta.
0
 

Author Comment

by:adeelminhaj
ID: 9901610
Casca1 : don't be so emotional and have a look @ the KB documents.
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9902176
Emotional? How about emphasis.
I did read the KB; Checked it again to verify I had read it correctly.
I re-iterate: Wild.
0
 

Expert Comment

by:Pauli311
ID: 33642494
How come a pre-req of this site isn't a mastery of the english language? I find it very hard to communicate with people who start sentences off like "I took complete backup". Seriously.
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
An overview of cyber security, cyber crime, and personal protection against hackers. Includes a brief summary of the Equifax breach and why everyone should be aware of it. Other subjects include: how cyber security has failed to advance with technol…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

648 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question