When i create a new user in Active Directory in Windows Server 2000 it give me this error “The directory service has exhausted the pool of relative identifiers”.Please assist me.
When i create a new user in Active Directory in Windows Server 2000 it give me this error “The directory service has exhausted the pool of relative identifiers”.Please assist me.
The domain controller that holds the RID master for your domain is not in contact with the domain controller you are using. I assume you have or had more than one domain controller for this domain, and now one of the domain controllers (the one holding the RID master role) has been offline for some time now. Is this the case? I’ve seen similar situations occur when a domain controller crashes, and is never properly “cleaned up” using the ntdis utility.
To fix this, you will need to have a domain controller “sieze” the RID master role. To do this, you want to connect to the domain controller that is working, and open a cmd prompt.
Well, here is a link to instructions on exactly how to do it.
http://technet2.microsoft.com/windowsserver/en/library/e8b6ccc4-cae8-46ea-86ed-bf5f1899cdb81033.mspx?mfr=true
I should stress that these assumptions were made when recommending the seize rid master solution:
Your domain lost a domain controller that had the RID master role. This does not assume that you have branch offices that have a long time between intervals of active direcotry synchronization and you are creating quite a number of new objects in active directory on your domain controller between synchronization to the RID master. If this is the case then definately do NOT sezie the RID master, jsut sync with it.
If you plan to add large numbers of objects to active directory while the RID will be unavailble, then it is recommended that you transfer the RID master role to a domain controller that will be creating the objects.
Once you seize the RID master role, that old RID master DC if you ever find it or repair it, should never be brought back online. It will need to be formatted and reinstalled, become a domain menber and promoted to DC before it can even think about being rid master again.
For good housekeeping, you should also cleanup the old remenants of the lost domain controller, using the ntdsutil.
Let us know if i’m off base here, I realize I’ve made quite a bit of assumptions. If this solution is off base, how many DC’s do you have? what os? what is functional level of domain? what level sp? any new DC’s recently?