You need to ensure that the domain controllers can acquire new account-identifier pools successfully

Your network contains an Active Directory forest. The forest contains one domain named
contoso.com.
You discover the following event in the Event log of domain controllers: “The request for a
new accountidentifier pool failed. The operation will be retried until the request succeeds.
The error is “ %1 “”
You need to ensure that the domain controllers can acquire new account-identifier pools
successfully.
What should you do?

Your network contains an Active Directory forest. The forest contains one domain named
contoso.com.
You discover the following event in the Event log of domain controllers: “The request for a
new accountidentifier pool failed. The operation will be retried until the request succeeds.
The error is “ %1 “”
You need to ensure that the domain controllers can acquire new account-identifier pools
successfully.
What should you do?

A.
Move the domain naming master role.

B.
Move the global catalog server.

C.
Restart the Active Directory Domain Services (AD DS) service.

D.
Deploy an additional global catalog server.

E.
Move the infrastructure master role.

F.
Move the PDC emulator role.

G.
Install a read-only domain controller (RODC).

H.
Move the RID master role.

I.
Move the bridgehead server.

J.
Move the schema master role.

Explanation:
This error can occur when the server holding the RID master role is not available to provide
a new RID pool.
Moving the RID master role to another domain controller will resolve this.

http://technet.microsoft.com/en-us/library/cc756699.aspx
Event ID 16651 — RID Pool Request
Users, computers, and groups stored in Active Directory are collectively known as security
principals. Each security principal is assigned a unique alphanumeric string called a SID.
The SID includes a domain prefix identifier that uniquely identifies the domain and a relative
identifier (RID) that uniquely identifies the security principal within the domain. The RID is a
monotonically increasing number at the end of the SID. Each domain controller is assigned a
pool of RIDs from the global RID pool by the domain controller that holds the RID master
role (also known as flexible single master operations or FSMO) in each Active Directory
domain. The RID master (also known as the RID pool manager, RID manager, or RID
operations master) is responsible for issuing a unique RID pool to each domain controller in
its domain. By default, RID pools are obtained in increments of 500. (…) Newly promoted
domain controllers must acquire a RID pool before they can advertise their availability to
Active Directory clients or share the SYSVOL. Existing domain controllers require additional
RID allocations in order to continue creating security principals when their current RID pool
becomes depleted.
Event Details
Message
The request for a new account-identifier pool failed. The operation will be retried until the
request succeeds.
The error is ” %1 “
Resolve
Check connectivity to the RID master, and check its replication status
A relative ID (RID) pool was not allocated to the local domain controller. Ensure that the local
domain controller can communicate with the domain controller that is identified as the RID
operations master.
Ensure that the RID master is online and replicating to other domain controllers.



Leave a Reply 0

Your email address will not be published. Required fields are marked *