A virtual Active directory domain controller in hyper-v 2012 r2 cannot register new users

I have converted a physical Active Directory Domain controller running Windows server 2008 R2 to a virtual server on hyper-v 2012 R2, using Disk2Vhd. The Virtual Active Directory Domain controller works well, I can remove OU's, delete and disable users. However, I cannot add new users to the AD. I get an error : "Windows cannot create the object because the Directory Service was unable to allocate a relative identifier."
MohlalefiAsked:
Who is Participating?
 
Will SzymkowskiSenior Solution ArchitectCommented:
I have converted a physical Active Directory Domain controller running Windows server 2008 R2 to a virtual server on hyper-v 2012 R2, using Disk2Vhd
This is not the proper way to accomplish this. You should have created a new DC as a VM rather than doing a P2V.

As stated this relates to the RID Master Role not being available. Try running the fallowing commands

Repadmin /replsum
Repadmin /showrepl
Repadmin /bridgeheads
netdom query fsmo
netdom query dc
DCDiag /v

Will.
0
 
Manikandan NarayanswamySecurity Specialist & IBM Security GuardiumCommented:
Hi,

The error means the RID master role is unavailable. Follow the below link where the solution is given

http://support.microsoft.com/en-us/kb/822053

Thanks
Manikandan
0
 
Manikandan NarayanswamySecurity Specialist & IBM Security GuardiumCommented:
Hi,

I do agree you should have done the Virtual domain controller cloning or as Will said you should have created a DC and then should moved the FSMO roles. However now the damage is done. Refer to the link i mentioned earlier this will resolve the issue. However for future reference make sure that you do the FSMO roles transfer as per the Guidelines recommended by Microsoft

Thanks
Manikandan
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
If you cannot get this DC operating correctly even after following the steps in the link i would recommend demoting this DC and re-promoting it.

Even with the steps provided in the link you might have also encounter issues related to USN Roll Back.

Will.
0
 
compdigit44Commented:
I am assuming this DC had the RID FSMO roll before converting it to a virtual correct?

have you run:   dcdiag /c /v >c:\dcdiag.txt to check the health of AD
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.