DC Imaged to different machine getting login errors

Posted on 2005-03-01
Medium Priority
Last Modified: 2010-05-18
I have created an image of our DC (FSMO holder and GC) and dropped the image on a clone machine outside of our production environment for Disaster Recovery purposes.  I used Symantec V2I builder.  My production environment has 3 DC - 1 2003 (above) and 2 W2K DC's.  In this DR enviroment, as of right now, I just have the one Win 2003 DC online.

On the DR DC I am getting the following error in the event log:

Event ID 16651

The request for a new account-identifier pool failed. The operation will be retried until the request succeeds. The error is %n " %1 "

On a workstation that I try to add to this DR DC I get the following error:

Windows cannot create the object because the Directory Service was unable to allocate a relative identifier.

This DC that the workstation is trying to connect to is the FSMO holder and GC.

I also verified that it is the RID Master and holds all the other roles.

I have reviewed many MS articles and came across Q305476 which indicates how to use repadmin /delete command to delete the other DC's that the DC is thinking are still on the network and trying to sync. with.  

I really don't wish to use this command because it can break AD so want to pass by everyone this issue and see what you think?

Your response is appreciated.


Question by:Dabowitt
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 51

Expert Comment

ID: 13432158
Temporarily install another DC into this environment.  Transfer the RID master role to this new server.  Give it overnight to settle down - transfer the role back.

DCPROMO out the temporary server.

If this server cannot see the other servers (which would be the case in a test environment) why are you hesitant to remove the replication partners from it?  It should work just fine.  Besides, you should be testing this all out for DR process anyway.



Author Comment

ID: 13432364
Not hesitant but wanting to see if the errors I'm getting are due to it not seeing the other DC's or is it another issue.  The command if done wrong can destroy AD and it takes sometime to rebuild.

Accepted Solution

SunshineVK earned 2000 total points
ID: 13507033
Kindly try this

From a command prompt or the Run text box, type repadmin /options +DISABLE_INBOUND_REPL and then press ENTER.
Verify that the option is set. You should get this message: repadmin running command /options against server localhost.

To turn off inbound replication using Active Directory Sites & Services
Open Active Directory Sites & Services
Locate the Server, you have restored. Expand the same, and select NTDS settings
Delete all the inbound replication objects in the right-hand pane
Right click on the NTDS settings, and  click on Check Replication topology

Pls let me know if the above suggestion helps.

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question