Error message: "Windows cannot create the object because the Directory Service was unable to allocate a relative identifier"
The account-identifier allocator failed to initialize properly. The record data contains the NT error code that caused the failure. Windows 2000 may retry the initialization until it succeeds; until that time, account creation will be denied on this Domain Controller. Please look for other SAM event logs that may indicate the exact reason for the failure.
Windows 2000 Service Pack 3 and Windows Server 2003 introduced features designed to help avoid the adverse effects of duplicate operations master roles existing in the same forest or domain. Domain controllers perform an initial synchronization at startup on each naming context hosted on a particular domain controller. A domain controller that holds the Schema Master, Domain Naming Master, RID Master, PDC emulator, or the Infrastructure Master role does not assume ownership of the role until it synchronizes with at least one neighbor for each writeable naming context.
- Move the computer that you want to restore to a separate network that is isolated from you production network.
- Restore this computer from backup. Do not restart the computer when the restoration is complete.
- On the temporary RID Master domain controller on the production network, open a command prompt, type repadmin /showvector, and then press ENTER.
- Shut down the temporary RID Master domain controller, and then move it to the separate network with the restored computer.
- Start both computers.
- Use the Sites and Services Manager Snap-in to initiate replication between the two computers. To do so, follow these steps:
- Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Sites and Services.
- Expand the Sites container in the left pane, and then expand the container that represents the name of the site containing the target server that you must synchronize with its replication partners.
- Expand the Servers container, and then expand the target server to display the NTDS Settings object (an object that represents the settings for the domain controller).
- Click the NTDS Settings object. The connection objects in the right pane represent the target server's direct replication partners.
- Right-click a connection object in the right pane, and then click Replicate Now.
Windows 2000 initiates replication of any changes from the source server (the server represented by the connection object) to the target server for all the directory partitions that the target server is configured to replicate from the source server.
- Transfer all the operations master roles back to the original role-holder.
- Move both computers back to the production network.
Article ID: 822053 - Last Review: 10/30/2006 21:25:58 - Revision: 1.4
- kbprb KB822053