There are no more endpoints available from the endpoint mapper.

Posted on 2010-09-02
Last Modified: 2012-05-10

A couple of weeks ago I inherited a 2003 AD domain with a single (NSSERVER) domain controller. I have had plenty to do in other areas and as the domain was running smoothly I had not given it more than a cursory glance .

I was adding few users yesterday. Everything was going fine until I was adding the sixth user and I get an error screen with "There are no more endpoints available from the endpoint mapper".

I clicked ok and then was unable to see the domain in Active Directory Users and Computers. If I did connect to domain controller I could see the domain but if I attempted to do anything other than look I was kicked out again. Users also had problems connecting to shares and everything was generally hosed.

After I rebooted the DC the domain was working correctly again until I attempted to add another user and got the endpoint mapper error and fubared the domain again.

I started checking out the logs to see what I could find and it is not good. Seems there was a second domain controller in the domain named MAIL that disappeared without a trace two years ago. The really bad news is there is a newer server in the domain running exchange that is named MAIL that appears to have never been a DC. The domain has been fruitlessly trying to talk to MAIL for two years and this appears to have finally upset the end point mapper.

Server NSSERVER is listed as the RID, PDC and Infrastructure Master. It is also runs a few applications and is the main file server.

Currently the server MAIL is just hosting exchange and there is one other application server in the domain but it is not nor has never been a domain controller.

It is my understanding that in order to correct the missing MAIL domain controller problem I am going to have to delete and recreate my domain.

I have plans to outsource my email in a few months and I would really love to re-purpose the exchange server to be "the" domain controller and give NSSERVER a break.

Does anyone have any ideas on how I may do a patch job to enable me to add users for a couple of months?

Is there some neat DNS trick I could use?

Some diagnostic files attached for your amusement.

Question by:hndscr
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 57

Accepted Solution

Mike Kline earned 500 total points
ID: 33589391
have you gone through the metadata process from a good DC to see if you can remove Mail (the one that disappeared without a demotion)

Author Comment

ID: 33590151
Hi Mike

I have not yet tried this.

I will  tomorrow afternoon as I will have the whole weekend to rebuild the domain if it goes wrong.


Author Closing Comment

ID: 33597357
Worked like a charm.

Odd thing was the first user I added after the fix did give the error again but it did create the user. It did not "disappear" the domain this time and I can now add users and other than the first time the error has not returned.

Thanks for your help.  
LVL 57

Expert Comment

by:Mike Kline
ID: 33597820
No problem, glad to help and have a great holiday weekend.

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question