RID pool corrupt after restore

N

Nate

After restoring a DC (the only DC in the forest, holding
all FSMO roles) everything works except the RID Master. It
recognizes that it holds the RID master role but it's not
running properly.I get the following error when I run
DCDiag:

Starting test: RIDManager
*Available RID pool for the domain is 2101 to 1073741823
*dc.ourdomain.com is the RID Master
*DSBind with the RID Master was successful
*riDAllocationPool is 1101 to 1600
*riDNextRID: 0
The DS has corrupt data: riDPreviousAllocationPool
value is not valid
*riDPreviousAllocationPool is 0 to 0
No rids allocated ---- Please check event log.
........................dc failed test RID Manager

Any idea on how to fix this? This dc is being set up on a
test domain so it is by itself on an issolated subnet so
nothing else should be interferring with it. Any help
would be greatly appreciated.
Thanks,
Nate
 
M

Matjaz Ladava [MVP]

Open ADSIEdit on your server and locate riDPreviousAllocationPool
attribute. See http://support.microsoft.com/?kbid=305475 on where the
attribute is located and what are valid values. Check them against your
findings.

Have you tried to transfer RID master to another server ?

--
Regards

Matjaz Ladava, MCSE, MCSA, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com
 
N

Nate

I checked ADSI edit and it confirms that the value is 0.
I can't transfer the role because this is the only DC.
And I can't add a DC to seize the role because it won't
create a new computer account since the RIDMaster isn't
working. It's kind of a catch 22.
Thanks,
Nate
 
M

Matjaz Ladava [MVP]

Please run repadmin /showreps on your DC to see if there are any references
to non-existing DC's on your domain, as RID Master is brought online after
it replicates with another DC's. If you have references to some other DC's
then this could not happen.

--
Regards

Matjaz Ladava, MCSE, MCSA, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com
 
G

Guest

Thanks! That fixed it. Since I was setting up a test
domain this was the only DC, however in the live domain
there was a second DC. Apparently RIDMaster will not
start until after replicating with another DC. Since the
other DC was non-existant, it didn't particulary like
that. I did a metadata cleanup, removed the 2nd DC site,
removed the computer account with ADSI Edit, and removed
the DNS entries. Rebooted and now everything works.
Thanks again!
-Nate
 
S

Steve Dodson [MSFT]

Can you try and seize the RID master to itself?

Steve Dodson [MSFT]
Directory Services

--------------------
From: "Matjaz Ladava [MVP]" <matjaz@_nospam_ladava.com>
References: <[email protected]>
Subject: Re: RID pool corrupt after restore
Date: Fri, 17 Oct 2003 22:39:40 +0200
Lines: 83
Organization: ladava.com
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <[email protected]>
Newsgroups: microsoft.public.win2000.active_directory
NNTP-Posting-Host: as-99-26.dial-up.siol.net 212.30.66.26
Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP12.phx.gbl
Xref: cpmsftngxa06.phx.gbl microsoft.public.win2000.active_directory:52292
X-Tomcat-NG: microsoft.public.win2000.active_directory

Please run repadmin /showreps on your DC to see if there are any references
to non-existing DC's on your domain, as RID Master is brought online after
it replicates with another DC's. If you have references to some other DC's
then this could not happen.

--
Regards

Matjaz Ladava, MCSE, MCSA, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com


--

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top