PDC

5 pts.
Tags:
Active Directory
DHCP
DNS
Networking services
Hi, My event viewer keeps throwing me the event id 16650 source SAM. I have read up on the net about the possibilities of the error but am but am confused. I have two servers which i will call server01 n server02. server01 is suppose to be the domain controller(though it seems as though its server02 that is the DC). Why i say this coz i cant create a user in server01 active directory until i create it first on server02 AD. N then if i go refresh on server01 is when i shall see a new user. The error message that i get on server01 if i try to create a new user or object is "Relative identifier cannot be found". I have checked the properties in Active Directory under my domain name abc.com if i right click n then select operations master, this is what i have found RID is server01 PDC is server02 Infrastructure is server01 In server02 - the global catalog has been checked. Now my question is, if server02 is the Primary Domain Controller, how do i change it to make it server01?? By changing the PDC will that solve the problem to stop throwing the 1650 event id?? Please help me out here...i am hesitating to make any changes at the moment in fear of doing something wrong n then messing up. Please will really really appreciate some guidance and advise for me to follow. Thanks in advance, Princess

Answer Wiki

Thanks. We'll let you know when a new response is added.

You can change the FSMO roles using ntdsutil. You mention in your post that you’re hesitating to change anything for fear of breakage. If you don’t know what FSMO roles are and you don’t know how to use ntdsutil to change them hesitating is a good idea. I’d suggest learning about those things using the plethora of resources available on the microsoft web site first. Once you have I’m sure you’ll be able to comfortably change the roles and handle any problems that might come up as a result.

Discuss This Question: 6  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • PaulHinsberg
    There seems to be some confusion between the domain controllers. I would get ahold of the DCDIAG.exe from the Windows Support Tools (found on the CD or for download from www.microsoft.com/downloads. Running this tool should tell you more information. The RID Master needs to be contacted for creating new objects and it is funny that the local machine is unable to locate itself. Keep in mind that the way it finds services is not by querying a machine but looking for the service in DNS (an SRV record). You might want to double check the TCP/IP Configuration of the server01 and make sure that the DNS IP address configuration is correct. You can then run IPCONFIG /REGISTERDNS to make sure that server01 has registered all of the services and host records it needs to. Check the event log for message regarding DNS. In addition, double-check that there is a SYSVOL share on server01 (Computer Management | SHARES). If SYSVOL is not present that would be an indication that the server is not working as a real Domain Controller. Incidentally, if you are thinking of moving the FSMO roles to another server - I would suggest moving them all to server02 as it appears to be the one working correctly at this point. Paul
    15 pointsBadges:
    report
  • RoniPerkins
    Hi Princess.... Let me see if I can help. 1st off let's determine if you have two DCs. In Active Directory, there is no such thing as PDC...only DCs which are "created equal" and have R/W AD capabilities. Here's a quick & easy way to determine if your Server is a DC or Member Server. Go to "Computer Management" if "Local Users/Groups" (which uses a the SAM database) has a "red X" through it or "does not exist"...then you have a DC. All Domain Controllers (DCs) are equal "kinda"...by default the 5 FSMO Roles by default they all reside on the Forest Root Server (the 1st DC installed in the Forest): Schema Master (Admin Tools | Active Directory Schema) Domain Naming Master (Admin Tools | AD Domains & Trusts) RID Master(Admin Tools | AD Users & Computers) PDC Emulator (") Infrastructure Master(") You can use the GUIs mentioned above or use the "NTDSUTIL" command line utility to Transfer "Roles" to/from DCs. The transfer of roles while the DCs are live will not effect your Users and it will not require a reboot. Hope this helps. - Roni
    0 pointsBadges:
    report
  • Astronomer
    I haven't investigated your problem but before you start, you should be very familiar with the roles played by microsoft domain controllers. Check out the fllowing web site: http://www.windowsnetworking.com/kbase/WindowsTips/Windows2000/AdminTips/ActiveDirectory/Windows2000DomainControllerOperationsMasterRoles.html This should give you a basic understanding of what these roles are. After you finish with that, check out this link: http://support.microsoft.com/?kbid=839879 This should point you to how to fix your problem. rt
    15 pointsBadges:
    report
  • Bobkberg
    TECHTARGET.COM ADMINS - please take note. Is there a reason that the discussion on this (and some other) threads shows up so wide on my browser? I have to scroll left and right to read all of the posted comments. This doesn't happen on all posts, just some of them. Any clue? Thanks, Bob - And now we continue with our feature presentation... :-)
    1,070 pointsBadges:
    report
  • Hedgehog
    Hi Bob, I have same problem, and it's a real pain in the ... Anyway, I think it's because of the long URL in astronomer's post (in this case). The TechTarget script doesn't seem to wrap the URL's in multiple lines (which is good), BUT now the rest of the text in ALL the other posts just take that new width as the overall width... As I said, a real pain. Cheers Hedgehog. PS: Sorry PRINCESS8 I can't help on the actual post; not my real area of expertise, but still like to quietly read these posts and great answers.
    0 pointsBadges:
    report
  • PRINCESS8
    Hi guys, Thank you soo much for all your replies. It has really helped me alot. I just wanted to share with you my findings. From Paul's suggestion, i downloaded the DCDIAG utility and i would like to share with you what the outcome was after running the utilities on both the servers so that it would all give a better insight to my problem as well and then guide me accordingly. My Domain name is called ABC.COM Below is the result from SERVER01 Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-NameSERVER01 Starting test: Connectivity SERVER01's server GUID DNS name could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (7957a691-22d9-4049-880e-9624fa04f2c5._msdcs.ABC.com) couldn't be resolved, the server name (SERVER01.ABC.COM) resolved to the IP address (192.168.1.1) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... SERVER01 failed test Connectivity Doing primary tests Testing server: Default-First-Site-NameSERVER01 Skipping all tests, because server SERVER01 is not responding to directory service requests Running enterprise tests on : ABC.com Starting test: Intersite ......................... ABC.com passed test Intersite Starting test: FsmoCheck Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355 A Global Catalog Server could not be located - All GC's are down. ......................... ABC.com failed test FsmoCheck Below is the Result of SERVER02: Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-NameSERVER02 Starting test: Connectivity 5a5343cd-692f-471a-a61e-63eb7b54d7ad._msdcs.ABC.com's server GUID DN S name could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (5a5343cd-692f-471a-a61e-63eb7b54d7ad._msdcs.ABC.com) couldn't be resolved, the server name (SERVER02.ABC.COM) resolved to the IP address (192.168.1.2) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... SERVER02 failed test Connectivity Doing primary tests Testing server: Default-First-Site-NameSERVER02 Skipping all tests, because server SERVER02 is not responding to directory service requests Running enterprise tests on : ABC.com Starting test: Intersite ......................... ABC.com passed test Intersite Starting test: FsmoCheck ......................... ABC.com passed test FsmoCheck ******* It seems there is quite a mess here that i have to resolve. Please let me know your suggestions...i need help desperately... Thank you all once again..i have learnt sooo much from all your responses and really appreciate it!!! princess
    5 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following