Article ID: 289154 - View products that this article applies to.
This article was previously published under Q289154
This article has been archived. It is offered "as is" and will no longer be updated.
When you back up and then restore the Directory Service on a domain controller, duplicate Security ID (SID) events may appear in Event Viewer.
This behavior can occur when duplicate relative IDs (RIDs) are created in the domain controller. After a domain controller is restored, it should invalidate its current relative ID (RID) pool and request a new one. The Rid AvailablePool attribute is not being reset to zero (0) correctly. Therefore, when the restored domain controller asks for a new RID pool from the RID Flexible Single Master Operation (FSMO) owner, it receives the next RID pool available based on the backup time value, which can cause the restored domain controller to begin issuing duplicate SIDs.
To prevent the scenario discussed in the article (duplicate sides following restore), intall the latest service pack for Windows 2000 prior to performing system state restores on Windows 2000 domain controllers.
Microsoft has confirmed that this is a problem in Microsoft Windows 2000.
This problem was first corrected in Windows 2000 Service Pack 2.