troubleshooting Question
Active Directory can't create users. Error attribute rIdSetReferences missing
ajdratch asked on
We put in two new server 2019 Domain Controllers to replace two 2008 R2 Domain Controllers.
The old DC that had the FSMO roles has been demoted and is off the network. We had problems getting AD removed but we eventually got all the issues cleared up and were able to properly remove AD from that server. Not sure this matters but there were errors trying to transfer the FSMO roles so we had to seize them.
The new DC named DC19-1 with all the FSMO roles and the remaining old DC are both working fine.
We can’t create a new user on the second new DC. We get the message:
Windows cannot create the object 2 because:
The directory service was unable to allocate a relative identifier.
We brought up a third 2019 server and made it a DC and it gets the same error message when trying to create a new user.
We can still add users on the old 2008 R2 DC
Results from dcdiag /test:ridmanager /v
Starting test: RidManager
* Available RID Pool for the Domain is 18606 to 1073741823
* DC19-1.Domain.com is the RID Master
* DsBind with RID Master was successful
Warning: attribute rIdSetReferences missing from CN=DC19-1,OU=Domain Controllers,DC=Domain,DC=com
Could not get Rid set Reference :failed with 8481: The search failed to retrieve attributes from the database.
DC19-2 failed test RidManager
Anyone know how to fix this?
The old DC that had the FSMO roles has been demoted and is off the network. We had problems getting AD removed but we eventually got all the issues cleared up and were able to properly remove AD from that server. Not sure this matters but there were errors trying to transfer the FSMO roles so we had to seize them.
The new DC named DC19-1 with all the FSMO roles and the remaining old DC are both working fine.
We can’t create a new user on the second new DC. We get the message:
Windows cannot create the object 2 because:
The directory service was unable to allocate a relative identifier.
We brought up a third 2019 server and made it a DC and it gets the same error message when trying to create a new user.
We can still add users on the old 2008 R2 DC
Results from dcdiag /test:ridmanager /v
Starting test: RidManager
* Available RID Pool for the Domain is 18606 to 1073741823
* DC19-1.Domain.com is the RID Master
* DsBind with RID Master was successful
Warning: attribute rIdSetReferences missing from CN=DC19-1,OU=Domain Controllers,DC=Domain,DC=com
Could not get Rid set Reference :failed with 8481: The search failed to retrieve attributes from the database.
DC19-2 failed test RidManager
Anyone know how to fix this?
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 60 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
Our community of experts have been thoroughly vetted for their expertise and industry experience.
The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.