Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

unable to add additional computers to domain...."unable to allocate a relative identifier".

Posted on 2010-09-08
3
Medium Priority
?
609 Views
Last Modified: 2013-12-05
Hello….I was running two Windows 2000 servers as Domain Controllers. My other five servers are Windows 2003 servers. I started having problems with my second DC. It looks like the hard drive was failing to the point of crashing the DC. I ran dcpromo to remove the second DC from the domain. It looks like dcpromo ran ok.

I installed Windows 2000 server on another computer. My thought was to add this new computer to the domain to replace the failed DC. The problem I have is that I cannot add this Window 2000 server to the domain. I get the message “The directory service was unable to allocate a relative identifier”. I have gotten this error before (when trying to add computers). But the problem went away.
 
I ran dcdiag to test the single remaining DC. I have the full printout. But I am only including a small part of the printout. I got the idea for running  “dcdiag” from looking at your knowledge base for other similar problems.

I believe I need to seize the five FSMO roles for the single remaining DC to function properly. I do not have experience reading the dcdiag printout, but I think those roles are not functioning on the remaining DC. Please advise.
------------------------------------------------------------------------------------------------------------------
Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
Schema Owner, but is deleted.
         Role Domain Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
Domain Owner, but is deleted.
         Role PDC Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
PDC Owner, but is deleted.
         Role Rid Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
Rid Owner, but is deleted.
         Role Infrastructure Update Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
Infrastructure Update Owner, but is deleted.
         ......................... CFS_FILE failed test KnowsOfRoleHolders
      Starting test: RidManager
         * Available RID Pool for the Domain is 5101 to 1073741823
         Warning: FSMO Role Owner is deleted.
         * CFS_FILE.hq.companyXX.com is the RID Master
         * DsBind with RID Master was successful
         Warning: rid set reference is deleted.
         ldap_search_sW of CN=RID Set\
DEL:76456ff9-a95c-42dd-bc4c-6ee9e68c4e6d,CN=Deleted Objects,DC=hq,DC=companyXX,DC=com for rid info failed with 2: The system cannot find the file specified.
         ......................... CFS_FILE failed test RidManager
 
0
Comment
Question by:landrylong
3 Comments
 
LVL 24

Assisted Solution

by:Mike Thomas
Mike Thomas earned 500 total points
ID: 33634392
Check this article for a possible solution

http://support.microsoft.com/kb/839879
0
 
LVL 96

Accepted Solution

by:
Lee W, MVP earned 1500 total points
ID: 33634438
First, determine which DC(s) are holding your FSMO roles:
http://www.petri.co.il/determining_fsmo_role_holders.htm

If any of the entries lists the failed server AND you are not expecting to restore the server, THEN you MUST SEIZE the roles.

For that, see:
http://www.petri.co.il/seizing_fsmo_roles.htm

Once seized, you need to clean up the meta data entries for the old server:
See:
http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 

Author Closing Comment

by:landrylong
ID: 33638676
Thank you for your responses. The web pages that you gentlemen suggested were some of the very same web pages I found myself and printed out over the weekend. After I posted my question to EE, I went ahead and "seized the roles" on the remaining DC. Seizing the roles fixed my problem yesterday. Today I did check for metadata from the old failed server. None was found. Anyway, Thank you again.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After having deployed hundreds of thousands of Terminal Services seats worldwide, I still see all the time people asking me that same old question: "If TS/RDS is that reliable why are you telling me I should reboot it that often? My DC/SQL/Exchange/…
Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question