Solved

unable to add additional computers to domain...."unable to allocate a relative identifier".

Posted on 2010-09-08
3
582 Views
Last Modified: 2013-12-05
Hello….I was running two Windows 2000 servers as Domain Controllers. My other five servers are Windows 2003 servers. I started having problems with my second DC. It looks like the hard drive was failing to the point of crashing the DC. I ran dcpromo to remove the second DC from the domain. It looks like dcpromo ran ok.

I installed Windows 2000 server on another computer. My thought was to add this new computer to the domain to replace the failed DC. The problem I have is that I cannot add this Window 2000 server to the domain. I get the message “The directory service was unable to allocate a relative identifier”. I have gotten this error before (when trying to add computers). But the problem went away.
 
I ran dcdiag to test the single remaining DC. I have the full printout. But I am only including a small part of the printout. I got the idea for running  “dcdiag” from looking at your knowledge base for other similar problems.

I believe I need to seize the five FSMO roles for the single remaining DC to function properly. I do not have experience reading the dcdiag printout, but I think those roles are not functioning on the remaining DC. Please advise.
------------------------------------------------------------------------------------------------------------------
Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
Schema Owner, but is deleted.
         Role Domain Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
Domain Owner, but is deleted.
         Role PDC Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
PDC Owner, but is deleted.
         Role Rid Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
Rid Owner, but is deleted.
         Role Infrastructure Update Owner = CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com
         Warning: CN="NTDS Settings
DEL:08c05e92-405c-44ee-9fe2-8b476fd3e508",CN=CFS_FILE,CN=Servers,CN=Default-Firs
t-Site-Name,CN=Sites,CN=Configuration,DC=hq,DC=companyXX,DC=com is the
Infrastructure Update Owner, but is deleted.
         ......................... CFS_FILE failed test KnowsOfRoleHolders
      Starting test: RidManager
         * Available RID Pool for the Domain is 5101 to 1073741823
         Warning: FSMO Role Owner is deleted.
         * CFS_FILE.hq.companyXX.com is the RID Master
         * DsBind with RID Master was successful
         Warning: rid set reference is deleted.
         ldap_search_sW of CN=RID Set\
DEL:76456ff9-a95c-42dd-bc4c-6ee9e68c4e6d,CN=Deleted Objects,DC=hq,DC=companyXX,DC=com for rid info failed with 2: The system cannot find the file specified.
         ......................... CFS_FILE failed test RidManager
 
0
Comment
Question by:landrylong
3 Comments
 
LVL 24

Assisted Solution

by:Mike Thomas
Mike Thomas earned 125 total points
ID: 33634392
Check this article for a possible solution

http://support.microsoft.com/kb/839879
0
 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 375 total points
ID: 33634438
First, determine which DC(s) are holding your FSMO roles:
http://www.petri.co.il/determining_fsmo_role_holders.htm

If any of the entries lists the failed server AND you are not expecting to restore the server, THEN you MUST SEIZE the roles.

For that, see:
http://www.petri.co.il/seizing_fsmo_roles.htm

Once seized, you need to clean up the meta data entries for the old server:
See:
http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 

Author Closing Comment

by:landrylong
ID: 33638676
Thank you for your responses. The web pages that you gentlemen suggested were some of the very same web pages I found myself and printed out over the weekend. After I posted my question to EE, I went ahead and "seized the roles" on the remaining DC. Seizing the roles fixed my problem yesterday. Today I did check for metadata from the old failed server. None was found. Anyway, Thank you again.
0

Featured Post

Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

Join & Write a Comment

Consider a situation when you deploy a seemingly harmless software package to your network without testing and therefore without fully knowing the implications of your actions. I was recently involved in just this situation when a corporate IT netwo…
The environment that this is running in is SCCM 2007 R2 running on a Windows 2008 R2 server. The PXE Distribution point is running on its own Windows 2008 R2 box. This is what Event viewer showed after trying to start the WDS service:  An erro…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now