Fastlane NDS Migrator
When you try to create a new object in Active Directory, you may receive the following error message: Windows cannot create the object because the Directory Service was unable to allocate a relative identifier.
Cause: This problem may occur if the domain controller that held the operations master role (also known as flexible single master operations or FSMO) of RID Master was removed from the domain and restored from backup. If the role of RID Master was forced onto another domain controller as a temporary replacement, when the original RID Master is restored and returned to the domain, it does not replicate with its direct replication partner and does not reclaim the role of RID Master.
Windows 2000 Service Pack 3 and Windows Server 2003 introduced features designed to help avoid the adverse effects of duplicate operations master roles existing in the same forest or domain. Domain controllers perform an initial synchronization at startup on each naming context hosted on a particular domain controller. A domain controller that holds the Schema Master, Domain Naming Master, RID Master, PDC emulator, or the Infrastructure Master role does not assume ownership of the role until it synchronizes with at least one neighbor for each writeable naming context.
To resolve this problem, follow these steps:
1. Move the computer that you want to restore to a separate network that is isolated from you production network.
2. Restore this computer from backup. Do not restart the computer when the restoration is complete.
3. On the temporary RID Master domain controller on the production network, open a command prompt, type repadmin /showvector, and then press ENTER.
4. Shut down the temporary RID Master domain controller, and then move it to the separate network with the restored computer.
5. Start both computers.
6. Use the Sites and Services Manager Snap-in to initiate replication between the two computers. To do so, follow these steps:
A. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Sites and Services.
B. Expand the Sites container in the left pane, and then expand the container that represents the name of the site containing the target server that you must synchronize with its replication partners.
C. Expand the Servers container, and then expand the target server to display the NTDS Settings object (an object that represents the settings for the domain controller).
D. Click the NTDS Settings object. The connection objects in the right pane represent the target server's direct replication partners.
E. Right-click a connection object in the right pane, and then click Replicate Now.
Windows 2000 initiates replication of any changes from the source server (the server represented by the connection object) to the target server for all the directory partitions that the target server is configured to replicate from the source server.
7. Transfer all the operations master roles back to the original role-holder.
8. Move both computers back to the production network.
Please reference the Microsoft KB Article 822053 for complete information.