SAM Event Error 16650

  • Thread starter Thread starter Max Hug
  • Start date Start date
M

Max Hug

I keep receiving a SAM event error 16650. The domain
controller had lost it's HDD and needed to be totally
replaced without benefit of having a backup (please don't
ask!). When the new HDD was installed and Windows 2000
Server put back on the drive, the roles were 'transfered'
back to the DC from another DC that had been part of
Active Directory. I do not know what server had what
roles prior to this! Regardless, now the event logs keep
giving this error, I cannot use Active Directory Users &
Computers to manage the domain from this server and there
are multitudes of other issues as well.

I ran NTDSUTIL to determine what DC had what roles and
this is what each DC gave me:

Binding to Server1 ...
Connected to Server1 using credentials of locally logged
on user
server connections: quit
domain management: select operation target
select operation target: list roles for connected server
Server "Server1" knows about 5 roles
Schema - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=concrete,DC=local
Domain - CN=NTDS Settings,CN=SERVER2,CN=Servers,CN=Default-
First-Site-Name,CN=Si
tes,CN=Configuration,DC=concrete,DC=local
PDC - CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-
First-Site-Name,CN=Sites
,CN=Configuration,DC=concrete,DC=local
RID - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=concrete,DC=local
Infrastructure - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=concrete,DC=local

Binding to Server2 ...
Connected to Server2 using credentials of locally logged
on user
server connections: quit
domain management: select operation target
select operation target: list roles for connected server
Server "Server2" knows about 5 roles
Schema - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=concrete,DC=local
Domain - CN=NTDS Settings,CN=SERVER2,CN=Servers,CN=Default-
First-Site-Name,CN=Si
tes,CN=Configuration,DC=concrete,DC=local
PDC - CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-
First-Site-Name,CN=Sites
,CN=Configuration,DC=concrete,DC=local
RID - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=concrete,DC=local
Infrastructure - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=concrete,DC=local

and

Binding to Server3 ...
Connected to Server3 using credentials of locally logged
on user
server connections: quit
domain management: select operation target
select operation target: list roles for connected server
Server "Server3" knows about 5 roles
Schema - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=concrete,DC=local
Domain - CN=NTDS Settings,CN=SERVER2,CN=Servers,CN=Default-
First-Site-Name,CN=Si
tes,CN=Configuration,DC=concrete,DC=local
PDC - CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-
First-Site-Name,CN=Sites
,CN=Configuration,DC=concrete,DC=local
RID - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=concrete,DC=local
Infrastructure - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site-Name,CN=Sites,CN=Configuration,DC=concrete,DC=local


As you can see, each has given me identical information,
so as near as I can make it, Server2 holds only one role
(supposedly this was the DC that all the roles
were 'transfered' back to Server1 from) that being Domain
Naming Master.

I really need to clear this issue up, and from what I have
read in the Knowledgebase, articles 248410 and, 223787 and
822053 I need to have a backup in order to clear the
issue. Unfortunately as stated at the beginning of this
message, I do not have a backup and cannot figure out
where to go from here. I am desparate, need to get it
fixed and am looking for THE way to get past this and back
to a correct Active Directory configuration.

Any and all assistance is welcome and appreciated.

Thanks.

Max
 
On Server1 (or Bind t Server1) run ntdsutil and seize the roles Schema, RID
and Infrastructure. The output is showing you that the ntds setting for the
previous roles holder has been deleted. You should be fine after this
 
I seized the roles, now I will wait to see what happens.
Thanks for the assist.

Max
-----Original Message-----
On Server1 (or Bind t Server1) run ntdsutil and seize the roles Schema, RID
and Infrastructure. The output is showing you that the ntds setting for the
previous roles holder has been deleted. You should be fine after this

--
Richard McCall [MSFT]

"This posting is provided "AS IS" with no warranties, and confers no
rights."
Max Hug said:
I keep receiving a SAM event error 16650. The domain
controller had lost it's HDD and needed to be totally
replaced without benefit of having a backup (please don't
ask!). When the new HDD was installed and Windows 2000
Server put back on the drive, the roles were 'transfered'
back to the DC from another DC that had been part of
Active Directory. I do not know what server had what
roles prior to this! Regardless, now the event logs keep
giving this error, I cannot use Active Directory Users &
Computers to manage the domain from this server and there
are multitudes of other issues as well.

I ran NTDSUTIL to determine what DC had what roles and
this is what each DC gave me:

Binding to Server1 ...
Connected to Server1 using credentials of locally logged
on user
server connections: quit
domain management: select operation target
select operation target: list roles for connected server
Server "Server1" knows about 5 roles
Schema - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site- Name,CN=Sites,CN=Configuration,DC=concrete,DC=local
Domain - CN=NTDS Settings,CN=SERVER2,CN=Servers,CN=Default-
First-Site-Name,CN=Si
tes,CN=Configuration,DC=concrete,DC=local
PDC - CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-
First-Site-Name,CN=Sites
,CN=Configuration,DC=concrete,DC=local
RID - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site- Name,CN=Sites,CN=Configuration,DC=concrete,DC=local
Infrastructure - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site- Name,CN=Sites,CN=Configuration,DC=concrete,DC=local

Binding to Server2 ...
Connected to Server2 using credentials of locally logged
on user
server connections: quit
domain management: select operation target
select operation target: list roles for connected server
Server "Server2" knows about 5 roles
Schema - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site- Name,CN=Sites,CN=Configuration,DC=concrete,DC=local
Domain - CN=NTDS Settings,CN=SERVER2,CN=Servers,CN=Default-
First-Site-Name,CN=Si
tes,CN=Configuration,DC=concrete,DC=local
PDC - CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-
First-Site-Name,CN=Sites
,CN=Configuration,DC=concrete,DC=local
RID - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site- Name,CN=Sites,CN=Configuration,DC=concrete,DC=local
Infrastructure - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site- Name,CN=Sites,CN=Configuration,DC=concrete,DC=local

and

Binding to Server3 ...
Connected to Server3 using credentials of locally logged
on user
server connections: quit
domain management: select operation target
select operation target: list roles for connected server
Server "Server3" knows about 5 roles
Schema - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site- Name,CN=Sites,CN=Configuration,DC=concrete,DC=local
Domain - CN=NTDS Settings,CN=SERVER2,CN=Servers,CN=Default-
First-Site-Name,CN=Si
tes,CN=Configuration,DC=concrete,DC=local
PDC - CN=NTDS Settings,CN=SERVER1,CN=Servers,CN=Default-
First-Site-Name,CN=Sites
,CN=Configuration,DC=concrete,DC=local
RID - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site- Name,CN=Sites,CN=Configuration,DC=concrete,DC=local
Infrastructure - CN="NTDS Settings
DEL:7b8dd8f7-5fad-4e6d-b3c5-
a88761a74ae5",CN=SERVER1,CN=Servers,CN=Default-First
-Site- Name,CN=Sites,CN=Configuration,DC=concrete,DC=local


As you can see, each has given me identical information,
so as near as I can make it, Server2 holds only one role
(supposedly this was the DC that all the roles
were 'transfered' back to Server1 from) that being Domain
Naming Master.

I really need to clear this issue up, and from what I have
read in the Knowledgebase, articles 248410 and, 223787 and
822053 I need to have a backup in order to clear the
issue. Unfortunately as stated at the beginning of this
message, I do not have a backup and cannot figure out
where to go from here. I am desparate, need to get it
fixed and am looking for THE way to get past this and back
to a correct Active Directory configuration.

Any and all assistance is welcome and appreciated.

Thanks.

Max
Click to expand...


.
Click to expand...
 
Seizing the roles did not fix the problem. I am still
seeing event log error 16650 and am unable to administer
AD from this Domain Controller. Any other suggestions or
assistance is appreciated.

Max
 
Back
Top