Mailbox Creation in Acitive Directory


G

Guest

I have always created a mailbox for Exchange whenever I have created a new
user in Active Directory. However, recently, I receive confirmation that the
mailbox has been created, but in the Exchange System Manager, the mailbox is
not their. I have checked for a possible licensing issue; Microsoft says it
is OK, that it is an Active Directory issue. I don't recive any errors on
the Domain Controller, but I have an additional domain controller in the
network that I receive the error on: Windows cannot create the object
because: The directory service was unable to allocate a relative identifier.
Any help on this matter would be deeply appreciated.
Thank you.
 
Ad

Advertisements

A

Ace Fekay [MVP]

In Alboni <[email protected]> made a post then I commented below
:: I have always created a mailbox for Exchange whenever I have created
:: a new user in Active Directory. However, recently, I receive
:: confirmation that the mailbox has been created, but in the Exchange
:: System Manager, the mailbox is not their. I have checked for a
:: possible licensing issue; Microsoft says it is OK, that it is an
:: Active Directory issue. I don't recive any errors on the Domain
:: Controller, but I have an additional domain controller in the
:: network that I receive the error on: Windows cannot create the
:: object because: The directory service was unable to allocate a
:: relative identifier. Any help on this matter would be deeply
:: appreciated.
:: Thank you.

That sounds like a definite AD error. If the RID Master FSMO Role is not
available, then the DC you creating the new object on cannot create it
because it ran out of RIDs and couldn't update it's RID pool. Without
additional info, I can point out this can be caused by a number of things:

1. The RID Master is not available, or down.
2. DNS misconfiguration (using an ISP's DNS server in any position in IP
properties WILL cause this error - Must only use your internal DNS).
3. SRV records are missing under the zone in DNS.
4. Updates not allowed on the zone in DNS.
5. Single label domain name - This is a nasty issue.
6. Firewall or Proxy rules blocking domain communication between office
locations.
7. NAT device between subnets - AD cannot communicate across a NAT because
NAT doesn't support Kerberos or RPC communication.

If not sure where to go based on what I mentioned above, please provide
additional info to further diagnose this, such as:

1. Unedited ipconfig /all
2. Name of your AD DNS domain name
3. If updates are enabled
4. Name of the zone in DNS
5. dcdiag /v

Thank you,

--
Regards,
Ace

G O E A G L E S !!!
Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 
G

Guest

Ace,
I am sending the information you requested to your Hot Mail account.
Thank you.
Al
Happy Holidays
 
Ad

Advertisements

A

Ace Fekay [MVP]

In Alboni <[email protected]> made a post then I commented below
:: Ace,
:: I am sending the information you requested to your Hot Mail account.
:: Thank you.
:: Al
:: Happy Holidays
::

Hi Al,

I received the info.It was a 22meg attachment! I provided instructions on
how to send me the info in text format.

Thanks.

Merry Christmas!

Ace
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads


Top