Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Domain Controller not working After P2V to LAB

Posted on 2012-03-20
3
Medium Priority
?
1,006 Views
Last Modified: 2012-03-21
Hello,
We have a strange scenario where we P2V'ed a domain controller to an isolated lab environment, after it was successfully migrated, i was able to log in the domain controller using my login name, but can't create any objects, nor can i join computers to that domain in that lab environment.

i seized the RID, PDC, Scheme master and domain naming master roles but still no good.
i'm getting - the directory service was unable to allocate a relative identifier

i'm suspecting that there's a problem with the RID, and saw some information on the web that i should clean all the remaining servers that the domain controller previously connected with (including all the sites) but i fail to understand if it's even related and if so, then why would it solve the problem?

the domain is 2003 native
0
Comment
Question by:johnnyjonathan
3 Comments
 
LVL 2

Accepted Solution

by:
dphantom9002 earned 2000 total points
ID: 37744260
until you clean the metadata of any other references to previous Domain Controllers, you will have problems with any number of AD relatded items including replication, RID generation and so forth.

http://technet.microsoft.com/en-us/library/cc736378(v=WS.10).aspx
0
 
LVL 16

Expert Comment

by:Syed_M_Usman
ID: 37746812
Dear,

1) could you please explain more "We have a strange scenario where we P2V'ed a domain controller to an isolated lab environment"

2) "was able to log in the domain controller using my login name, but can't create any objects" ideally only Domain Admin and Administrators users suppose to do this job.

3)"i seized the RID, PDC, Scheme master and domain naming master roles" why you seize the roles and how you have done this task..
YOur problem could be this, are you sure you have seized the roles properly???
what happened if you run below
start:run>cmd>netdom query fsmo
start:run>cmd>repadmin /showrepl
start:run>cmd>dcdiag

seizing roles should be done only when there is no chance that server will come live, many people like to restore systems stat on same hardware....


4) "i should clean all the remaining servers that the domain controller previously connected with (including all the sites)" you dont have to do this task unless you have failed DCPROMO or Faild DC in your network
0
 

Author Closing Comment

by:johnnyjonathan
ID: 37748305
Thanks, got the idea of adding another DC from your answer!
cleaning up also works but it was easier :)
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question