Solved

Domain Controller not working After P2V to LAB

Posted on 2012-03-20
3
1,000 Views
Last Modified: 2012-03-21
Hello,
We have a strange scenario where we P2V'ed a domain controller to an isolated lab environment, after it was successfully migrated, i was able to log in the domain controller using my login name, but can't create any objects, nor can i join computers to that domain in that lab environment.

i seized the RID, PDC, Scheme master and domain naming master roles but still no good.
i'm getting - the directory service was unable to allocate a relative identifier

i'm suspecting that there's a problem with the RID, and saw some information on the web that i should clean all the remaining servers that the domain controller previously connected with (including all the sites) but i fail to understand if it's even related and if so, then why would it solve the problem?

the domain is 2003 native
0
Comment
Question by:johnnyjonathan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 2

Accepted Solution

by:
dphantom9002 earned 500 total points
ID: 37744260
until you clean the metadata of any other references to previous Domain Controllers, you will have problems with any number of AD relatded items including replication, RID generation and so forth.

http://technet.microsoft.com/en-us/library/cc736378(v=WS.10).aspx
0
 
LVL 16

Expert Comment

by:Syed_M_Usman
ID: 37746812
Dear,

1) could you please explain more "We have a strange scenario where we P2V'ed a domain controller to an isolated lab environment"

2) "was able to log in the domain controller using my login name, but can't create any objects" ideally only Domain Admin and Administrators users suppose to do this job.

3)"i seized the RID, PDC, Scheme master and domain naming master roles" why you seize the roles and how you have done this task..
YOur problem could be this, are you sure you have seized the roles properly???
what happened if you run below
start:run>cmd>netdom query fsmo
start:run>cmd>repadmin /showrepl
start:run>cmd>dcdiag

seizing roles should be done only when there is no chance that server will come live, many people like to restore systems stat on same hardware....


4) "i should clean all the remaining servers that the domain controller previously connected with (including all the sites)" you dont have to do this task unless you have failed DCPROMO or Faild DC in your network
0
 

Author Closing Comment

by:johnnyjonathan
ID: 37748305
Thanks, got the idea of adding another DC from your answer!
cleaning up also works but it was easier :)
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
A hard and fast method for reducing Active Directory Administrators members.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question