Score:-1

Directory-Service-SAM Error

ke flag

In the Windows System event log, there are errors from Directory-Services-SAM. It is saying "The request for a new account-identifier pool failed. The operation will be retried until the request succeeds. The error is - The role owner attribute could not be read" enter image description here

And how do I locate the UserID belongs to which user / device? enter image description here

Command to get the RID Master, and ping the domain which looks fine. enter image description here

Score:0
cn flag

I'm not sure I understand the question you are asking "And how do I locate the UserID belongs to which user / device?"

If you are asking who S-1-5-18 is, that's LOCAL SYSTEM.

But the error you are showing suggests that the domain controller you are on is not able to contact the RID Master, which is the Operations Master (FSMO) responsible for allocating SIDs. SIDs are needed for creating new user objects (and so forth). Is your domain healthy? Is the DC which is holding the RID Master currently online?

You can find your RID Master with this PowerShell: Get-ADDomain | Select-Object RIDMaster

Boon Chye Phang avatar
ke flag
Hi @Conure I added the screenshot that I tried the command to get the RID Master, and could find it. And did a ping to the domain also received replies. How do I find out what went wrong?
cn flag
OK that's good! Next step would be to check the domain controller health of that system, as well as replication health of the domain. Run `DCDiag` on all DCs. Then also run `repadmin /replsummary` to make sure replications have happened recently.
cn flag
Here are possibly related troubleshooting steps. Different error, but it is related to the RID allocator having issues. You'll notice that the link also has you run DCDiag to look for errors, but also provides some remediation steps. https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/event-16650-account-identifier-allocator-not-initialize
Paul avatar
cn flag
@Conure Welcome to Server Fault! Normally we reserve answers for workable solutions to problems. When further details are required to answer a question, please use comments. In this case, please be sure to [edit](https://serverfault.com/posts/1084199/edit) your answer once your solution is completely worked out.
cn flag
Hi Paul! Thanks for the welcome. At the time I answered I did not have permission to comment due to lack of points. Conversely I couldn't earn points without answering. The starting position as a new member left me in a catch-22 as I was trying to find ways to contribute to the community. Now that I have points I will be able to follow the community norms and standards.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.