?
Solved

The directory service was unable to allocate a relative identifier

Posted on 2012-09-21
6
Medium Priority
?
1,331 Views
Last Modified: 2012-09-25
I created a 'sandbox' for someone to do some server upgrade testing a couple weeks ago.  This is something I do a couple of times a year and the first time it gave me this error.  Basically, I take a clone of a DOMAIN CONTROLLER and a set of MEMBER SERVERS and place them in a sandbox network that cant see anything else.  When I did this three weeks ago, I was able to attach the MEMBER SERVERS to the DC with no issue.  Now I needed to add a NEW MEMBER SERVER to the sandbox, but am unable to attach him to the domain.  When I try to create a new COMPUTER in AD manually, I get the error above.

I realize that you cant 'restore' a DC into a network directly, but since this was merely a snapshot of a DC that was brought up in a SANBOX, why am I getting different results than before?  I trashed the sanbox DC and re-cloned the production DC back into the sanbox but still have the same issue.

This error returns google results poiting to RID master FSMO roles.  My SANBOX DC holds all roles, but his replication parter is not available in the SANDBOX.  I dont understand why the sandbox would need a replation parter -- I would assume that if DC#2/replication partner dies in production, DC#1 would continue to function, so why cant a clone function by itself in the sandbox?
0
Comment
Question by:tcloud
  • 3
  • 2
6 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38422722
So when you put the sandbox DC in did you have to sezie the FSMO roles to it.  Have you tried cleaning up those old DCs [DC2] (metadata cleanup http://www.petri.co.il/delete_failed_dcs_from_ad.htm)

Thanks
Mike
0
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38422787
post dcdiag /q from sandbox DC
0
 

Author Comment

by:tcloud
ID: 38423224
The DC that was cloned held all FSMO roles and the sandbox DC indicates this as well.

         [Replications Check,DC1] A recent replication attempt failed:
            From DC2-DHCP to DC1
            Naming Context: DC=ForestDnsZones,DC=company,DC=com
            The replication generated an error (1256):
            The remote system is not available. For information about network troubleshooting, see Windows Help.
            The failure occurred at 2012-09-21 13:58:43.
            The last success occurred at 2012-09-19 21:52:42.
            4 failures have occurred since the last success.
         [DC2-DHCP] DsBindWithSpnEx() failed with error 1722,
         The RPC server is unavailable..
         [Replications Check,DC1] A recent replication attempt failed:
            From DC2-DHCP to DC1
            Naming Context: DC=DomainDnsZones,DC=company,DC=com
            The replication generated an error (1256):
            The remote system is not available. For information about network troubleshooting, see Windows Help.
            The failure occurred at 2012-09-21 13:58:43.
            The last success occurred at 2012-09-19 21:58:15.
            4 failures have occurred since the last success.
         [Replications Check,DC1] A recent replication attempt failed:
            From DC2-DHCP to DC1
            Naming Context: CN=Schema,CN=Configuration,DC=company,DC=com
            The replication generated an error (1722):
            The RPC server is unavailable.
            The failure occurred at 2012-09-21 13:59:25.
            The last success occurred at 2012-09-19 21:52:42.
            4 failures have occurred since the last success.
            The source remains down. Please check the machine.
         [Replications Check,DC1] A recent replication attempt failed:
            From DC2-DHCP to DC1
            Naming Context: CN=Configuration,DC=company,DC=com
            The replication generated an error (1722):
            The RPC server is unavailable.
            The failure occurred at 2012-09-21 13:59:04.
            The last success occurred at 2012-09-19 22:06:29.
            4 failures have occurred since the last success.
            The source remains down. Please check the machine.
         [Replications Check,DC1] A recent replication attempt failed:
            From DC2-DHCP to DC1
            Naming Context: DC=company,DC=com
            The replication generated an error (1722):
            The RPC server is unavailable.
            The failure occurred at 2012-09-21 13:58:43.
            The last success occurred at 2012-09-19 22:06:48.
            4 failures have occurred since the last success.
            The source remains down. Please check the machine.
         REPLICATION-RECEIVED LATENCY WARNING
         DC1:  Current time is 2012-09-21 14:26:23.
            DC=ForestDnsZones,DC=company,DC=com
               Last replication recieved from DC2-DHCP at 2012-09-19 21:52:42.
            DC=DomainDnsZones,DC=company,DC=com
               Last replication recieved from DC2-DHCP at 2012-09-19 21:58:15.
            CN=Schema,CN=Configuration,DC=company,DC=com
               Last replication recieved from DC2-DHCP at 2012-09-19 21:52:42.
            CN=Configuration,DC=company,DC=com
               Last replication recieved from DC2-DHCP at 2012-09-19 22:06:29.
            DC=company,DC=com
               Last replication recieved from DC2-DHCP at 2012-09-19 22:06:48.
         The DS has corrupt data: rIDPreviousAllocationPool value is not valid
         No rids allocated -- please check eventlog.
         ......................... DC1 failed test RidManager
         There are warning or error events within the last 24 hours after the          SYSVOL has been shared.  Failing SYSVOL replication problems may cause          Group Policy problems.
         ......................... DC1 failed test frsevent
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 18

Accepted Solution

by:
Sarang Tinguria earned 2000 total points
ID: 38423333
Found this article stating about the same issue Please check and would recommend you to first cleanup metatdata
http://support.microsoft.com/kb/839879
0
 

Author Comment

by:tcloud
ID: 38433438
That seems to have cleared up the issue.  That does however, lead me to one other question... Does this mean if you reboot your network, and you have a DC down, that your primary DC will misbehave because it's replication partner is down?  Because ultimately, this is what I did by bringing up just one DC in the scandbox.
0
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38433602
As you have said you have done this couple of times and first time you are facing this issue....Same applies to your question that its not predictable
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question