HC-ICT
asked on
Failed RidMaster
Hi
We got 3 domain controllers (2008 and 2008R2) where one hold all fsmo roles exept the Infrastructure Master.
If we create a new account in Active Directory we get the error "The direcotry service has exhausted the pool of relative identifiers". We get this error on all domain controllers
i ran dc diag and discoverd that the RID Manager role failed whit " The DS has corrupt data: rIDAvailablePool value is not valid"
i tried to seize the role, but it didn't need seizing.
i removed some old entries of long long long retired domain controllers
tried to setup new domain whit trust but again identifiers error on making a trust
any suggestions are welcome.
Thanks Robin
We got 3 domain controllers (2008 and 2008R2) where one hold all fsmo roles exept the Infrastructure Master.
If we create a new account in Active Directory we get the error "The direcotry service has exhausted the pool of relative identifiers". We get this error on all domain controllers
i ran dc diag and discoverd that the RID Manager role failed whit " The DS has corrupt data: rIDAvailablePool value is not valid"
i tried to seize the role, but it didn't need seizing.
i removed some old entries of long long long retired domain controllers
tried to setup new domain whit trust but again identifiers error on making a trust
any suggestions are welcome.
Thanks Robin
Hi,
As per the error, it appears that the RID pool has excausted? to just verify whether you have enough RID pool, follow the steps;
In the command prompt;
Dcdiag.exe /TEST:RidManager /v | find /i "Available RID Pool for the Domain"
It will give the following results;
* Available RID Pool for the Domain is 2100 to 1073741823
Once you confirmed that the DC has got enough RID pool's then apply this hotfix onto the server https://support.microsoft.com/en-us/kb/2618669
I hope this resolve the issue.
As per the error, it appears that the RID pool has excausted? to just verify whether you have enough RID pool, follow the steps;
In the command prompt;
Dcdiag.exe /TEST:RidManager /v | find /i "Available RID Pool for the Domain"
It will give the following results;
* Available RID Pool for the Domain is 2100 to 1073741823
Once you confirmed that the DC has got enough RID pool's then apply this hotfix onto the server https://support.microsoft.com/en-us/kb/2618669
I hope this resolve the issue.
ASKER
Hi Dan
Thanks for your reply
i have attached the DCDIAG as requested.
below my fsmo query
C:\Users\Administrator>net
Schema master DC-01.ReplacedMyDomainName
Domain naming master DC-01.ReplacedMyDomainName
PDC DC-01.ReplacedMyDomainName
RID pool manager DC-01.ReplacedMyDomainName
Infrastructure master DC-02.ReplacedMyDomainName
Thanks
dcdiag.txt
Thanks for your reply
i have attached the DCDIAG as requested.
below my fsmo query
C:\Users\Administrator>net
Schema master DC-01.ReplacedMyDomainName
Domain naming master DC-01.ReplacedMyDomainName
PDC DC-01.ReplacedMyDomainName
RID pool manager DC-01.ReplacedMyDomainName
Infrastructure master DC-02.ReplacedMyDomainName
Thanks
dcdiag.txt
ASKER
Hi hakrishnan
Your command does not give me any output..whitout the pipe i have:
Starting test: RidManager
The DS has corrupt data: rIDAvailablePool value is not valid
......................... DC-01 failed test RidManager
Your command does not give me any output..whitout the pipe i have:
Starting test: RidManager
The DS has corrupt data: rIDAvailablePool value is not valid
......................... DC-01 failed test RidManager
Did you applied the update and rebooted the server?. I think you are going to end up with demote and promote after seizing the role to different server.
ASKER
Hi Radhakrishnan
No i did not apply the hotfix because i did not get confirmd i have enough RID pools
My RID Manager has corrupted data. So i guess i don't have pools at all.
You think the hotfix wil fix my data cause i can't get that verified from the KB?
No i did not apply the hotfix because i did not get confirmd i have enough RID pools
My RID Manager has corrupted data. So i guess i don't have pools at all.
You think the hotfix wil fix my data cause i can't get that verified from the KB?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The issue has been asked on EE before...
Link: https://www.experts-exchange.com/questions/24014918/Dcdiag-result-test-failed-RidManager-The-DS-has-corrupt-data-rIDAvailablePool-value-is-not-valid.html
Dan
Link: https://www.experts-exchange.com/questions/24014918/Dcdiag-result-test-failed-RidManager-The-DS-has-corrupt-data-rIDAvailablePool-value-is-not-valid.html
Dan
Unfortunately the resolution is straight up... You need to build a new Active Directory Forest and migrate everything over. This is what you will hear from Microsoft.
Unless you have a support contract with Microsoft, getting a response will be expensive.
Dan
Unless you have a support contract with Microsoft, getting a response will be expensive.
Dan
ASKER
Hi Dan and Radhakrishnan
thanks for both of your help, i have came acrossed some of the links and suggestions you have posted. And the sollution what came out is the thing i was affraid of.
thing is i have tried to set up a new forrest and domain, but i'm not able to make a trust cause of this. Whit an running exchange inviorment on the old domain .... its pretty messed up.
any way.
If you have some good suggestions to migratie to new domain whitout a trust and migrate exchange to that domain its very welcome!
thanks for both of your help, i have came acrossed some of the links and suggestions you have posted. And the sollution what came out is the thing i was affraid of.
thing is i have tried to set up a new forrest and domain, but i'm not able to make a trust cause of this. Whit an running exchange inviorment on the old domain .... its pretty messed up.
any way.
If you have some good suggestions to migratie to new domain whitout a trust and migrate exchange to that domain its very welcome!
** you should be in the enterprise admin group to execute this **
1. logon to one of the functioning DCs
2. open a command prompt
3. at the prompt, run: dcdiag /e /v > dcdiag.txt
This will save the output of the command into a file called dcdiag.txt.
While you are on the above server, I would run this command as well:
from the same command prompt, run: netdom query /domain:YourDomain.Name /fsmo
Posting the output of the 2 commands will help troubleshoot the issue.
Dan