Solved

unable to add additional computers to domain...."unable to allocate a relative identifier".

Posted on 2010-09-08
3
586 Views
Last Modified: 2013-12-05
Hello….I was running two Windows 2000 servers as Domain Controllers. My other five servers are Windows 2003 servers. I started having problems with my second DC. It looks like the hard drive was failing to the point of crashing the DC. I ran dcpromo to remove the second DC from the domain. It looks like dcpromo ran ok.

I installed Windows 2000 server on another computer. My thought was to add this new computer to the domain to replace the failed DC. The problem I have is that I cannot add this Window 2000 server to the domain. I get the message “The directory service was unable to allocate a relative identifier”. I have gotten this error before (when trying to add computers). But the problem went away.
 
I ran dcdiag to test the single remaining DC. I have the full printout. But I am only including a small part of the printout. I got the idea for running  “dcdiag” from looking at your knowledge base for other similar problems.

I believe I need to seize the five FSMO roles for the single remaining DC to function properly. I do not have experience reading the dcdiag printout, but I think those roles are not functioning on the remaining DC. Please advise.
------------------------------------------------------------------------------------------------------------------
Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
Schema Owner, but is deleted.
         Role Domain Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
Domain Owner, but is deleted.
         Role PDC Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
PDC Owner, but is deleted.
         Role Rid Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
Rid Owner, but is deleted.
         Role Infrastructure Update Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
Infrastructure Update Owner, but is deleted.
         ......................... CFS_FILE failed test KnowsOfRoleHolders
      Starting test: RidManager
         * Available RID Pool for the Domain is 5101 to 1073741823
         Warning: FSMO Role Owner is deleted.
         * CFS_FILE.hq.companyXX.com is the RID Master
         * DsBind with RID Master was successful
         Warning: rid set reference is deleted.
         ldap_search_sW of CN=RID Set\
DEL:76456ff9-a95c-42dd-bc4c-6ee9e68c4e6d,CN=Deleted Objects,DC=hq,DC=companyXX,DC=com for rid info failed with 2: The system cannot find the file specified.
         ......................... CFS_FILE failed test RidManager
 
0
Comment
Question by:landrylong
3 Comments
 
LVL 24

Assisted Solution

by:Mike Thomas
Mike Thomas earned 125 total points
ID: 33634392
Check this article for a possible solution

http://support.microsoft.com/kb/839879
0
 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 375 total points
ID: 33634438
First, determine which DC(s) are holding your FSMO roles:
http://www.petri.co.il/determining_fsmo_role_holders.htm

If any of the entries lists the failed server AND you are not expecting to restore the server, THEN you MUST SEIZE the roles.

For that, see:
http://www.petri.co.il/seizing_fsmo_roles.htm

Once seized, you need to clean up the meta data entries for the old server:
See:
http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 

Author Closing Comment

by:landrylong
ID: 33638676
Thank you for your responses. The web pages that you gentlemen suggested were some of the very same web pages I found myself and printed out over the weekend. After I posted my question to EE, I went ahead and "seized the roles" on the remaining DC. Seizing the roles fixed my problem yesterday. Today I did check for metadata from the old failed server. None was found. Anyway, Thank you again.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Problem Description: Actually I found the below issue with some customers after migration from SMS 2003 to SCCM 2007 and epically if they change site code, some clients may appear in the console with old site code, plus old sites still appearing …
Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now