Event id 16650
in [Active Directory]
|
From: Carl on 23 Jan 2006 10:40 We have a mixture of 2003 and 2k servers that are domain controllers on our network. I recently installed a copy of 2k server on a spare machine, put sp4 on it, grabbed all the updates from our SUS server and then I promoted it to become a domain controller. Everything seems to be working fine, except in the event logs, it keeps logging event id 16650 with the description of "The account-identifier allocator failed to initialize properly. The record data contains the NT error code that caused the failure. Windows 2000 will retry the initialization until it succeeds; until that time, account creation will be denied on this Domain Controller. Please look for other SAM event logs that may indicate the exact reason for the failure." I did a google search on this particular event id, the kb article (839879) that talks about this refers to a RID master which is not the case with this server. The RID master is installed on a different server, a 2003 server. I don't have any problems with creating object in AD on any other server on the network except for this new one.
From: Jorge de Almeida Pinto [MVP] on 23 Jan 2006 14:23 first.... check the RID Master itself as it could have a problem on the RID MASTER run: DCDIAG /D /C /V NETDIAG /DEBUG /V to see if something is wrong also make sure ALL DCs in the domain can communicate with the RID master -- Cheers, (HOPEFULLY THIS INFORMATION HELPS YOU!) # Jorge de Almeida Pinto # MVP Windows Server - Directory Services BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx ----------------------------------------------------------------------------- * This posting is provided "AS IS" with no warranties and confers no rights! * Always test before implementing! ----------------------------------------------------------------------------- ----------------------------------------------------------------------------- "Carl" <Carl(a)discussions.microsoft.com> wrote in message news:5249F8B0-E4B2-4C8E-AFE9-AC17EF4E416C(a)microsoft.com... > We have a mixture of 2003 and 2k servers that are domain controllers on > our > network. I recently installed a copy of 2k server on a spare machine, put > sp4 on it, grabbed all the updates from our SUS server and then I promoted > it > to become a domain controller. Everything seems to be working fine, > except > in the event logs, it keeps logging event id 16650 with the description of > "The account-identifier allocator failed to initialize properly. The > record > data contains the NT error code that caused the failure. Windows 2000 > will > retry the initialization until it succeeds; until that time, account > creation > will be denied on this Domain Controller. Please look for other SAM event > logs that may indicate the exact reason for the failure." I did a google > search on this particular event id, the kb article (839879) that talks > about > this refers to a RID master which is not the case with this server. The > RID > master is installed on a different server, a 2003 server. I don't have > any > problems with creating object in AD on any other server on the network > except > for this new one.
From: Ryan Hanisco on 24 Jan 2006 00:00 Carl, While not common, this can also be a DNS problem where the domain controller cannot find all of the srv records that it is expecting. Make sure that you can ping the domain by FQDN from the problem server and that it has all of its DNS correctly pointed. Jorge's advice is solid as well. I just like to always start with DNS for these kinds of problems. Ryan Hanisco "Carl" <Carl(a)discussions.microsoft.com> wrote in message news:5249F8B0-E4B2-4C8E-AFE9-AC17EF4E416C(a)microsoft.com: > We have a mixture of 2003 and 2k servers that are domain controllers on our > network. I recently installed a copy of 2k server on a spare machine, put > sp4 on it, grabbed all the updates from our SUS server and then I promoted it > to become a domain controller. Everything seems to be working fine, except > in the event logs, it keeps logging event id 16650 with the description of > "The account-identifier allocator failed to initialize properly. The record > data contains the NT error code that caused the failure. Windows 2000 will > retry the initialization until it succeeds; until that time, account creation > will be denied on this Domain Controller. Please look for other SAM event > logs that may indicate the exact reason for the failure." I did a google > search on this particular event id, the kb article (839879) that talks about > this refers to a RID master which is not the case with this server. The RID > master is installed on a different server, a 2003 server. I don't have any > problems with creating object in AD on any other server on the network except > for this new one.
From: Carl on 24 Jan 2006 17:42 Checked DNS, everything seems to be working fine. I ran the dcdiag test per Jorge's suggestion on both the RID master and the problem server. The test results for the RID master server were good. For the problem server, the following error appeared: Starting test: RidManager * Available RID Pool for the Domain is 142606 to 1073741823 * faxsvr0903.rrins.dom is the RID Master * DsBind with RID Master was successful * rIDAllocationPool is 142106 to 142605 No rids allocated -- please check eventlog. ......................... FORTDC2006 passed test RidManager I also ran the same test on other DCs on the network, none has the same error under "RidManager". I even tried to transfer the RID role to other DCs including to this problem server and after transfering the role, no DC had any problems creating new objects except for the same problem server (even when it is the RID master). Carl "Ryan Hanisco" wrote: > Carl, > > While not common, this can also be a DNS problem where the domain > controller cannot find all of the srv records that it is expecting. > Make sure that you can ping the domain by FQDN from the problem server > and that it has all of its DNS correctly pointed. > > Jorge's advice is solid as well. I just like to always start with DNS > for these kinds of problems. > > Ryan Hanisco > > "Carl" <Carl(a)discussions.microsoft.com> wrote in message > news:5249F8B0-E4B2-4C8E-AFE9-AC17EF4E416C(a)microsoft.com: > > > We have a mixture of 2003 and 2k servers that are domain controllers on our > > network. I recently installed a copy of 2k server on a spare machine, put > > sp4 on it, grabbed all the updates from our SUS server and then I promoted it > > to become a domain controller. Everything seems to be working fine, except > > in the event logs, it keeps logging event id 16650 with the description of > > "The account-identifier allocator failed to initialize properly. The record > > data contains the NT error code that caused the failure. Windows 2000 will > > retry the initialization until it succeeds; until that time, account creation > > will be denied on this Domain Controller. Please look for other SAM event > > logs that may indicate the exact reason for the failure." I did a google > > search on this particular event id, the kb article (839879) that talks about > > this refers to a RID master which is not the case with this server. The RID > > master is installed on a different server, a 2003 server. I don't have any > > problems with creating object in AD on any other server on the network except > > for this new one. > >
From: Tomasz Onyszko on 24 Jan 2006 18:05 Carl wrote: > We have a mixture of 2003 and 2k servers that are domain controllers on our > network. I recently installed a copy of 2k server on a spare machine, put > sp4 on it, grabbed all the updates from our SUS server and then I promoted it > to become a domain controller. Everything seems to be working fine, except > in the event logs, it keeps logging event id 16650 with the description of > "The account-identifier allocator failed to initialize properly. The record > data contains the NT error code that caused the failure. Windows 2000 will > retry the initialization until it succeeds; until that time, account creation > will be denied on this Domain Controller. Please look for other SAM event > logs that may indicate the exact reason for the failure." I did a google > search on this particular event id, the kb article (839879) that talks about > this refers to a RID master which is not the case with this server. The RID > master is installed on a different server, a 2003 server. I don't have any > problems with creating object in AD on any other server on the network except > for this new one. What is the error code ? -- Tomasz Onyszko http://www.w2k.pl
|
Next
|
Last
Pages: 1 2 3 4 Prev: "MS DTC could not correctly process a DC Promotion/Demotion event. Next: frs problems |