Backup and restore of RID Flexible Single-Master Operations domain controller causes duplicate SIDs (307725)


The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
This article was previously published under Q307725

SYMPTOMS

When you back up and then restore the Directory service on a relative ID (RID) operations master (also known as flexible single-master operations or FSMO) domain controller (DC), duplicate Security ID (SID) events may appear in Event Viewer.

CAUSE

This problem can occur when duplicate RIDs are created in the DC. After a RID flexible single-master operations DC is restored, it tries to check its RID flexible single-master operations ownership. But it returns TRUE even before init sync with another DC has finished. Because of this, when the RID flexible single-master operations DC is restored, it may use old RID pool values, and it can cause the restored RID flexible single-master operations DC to begin issuing duplicate SIDs.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to obtain the latest Windows 2000 service pack

The English version of this fix should have the following file attributes or later:
   Date          Version         Size      File name     
   -----------------------------------------------------------
   06-Sep-2001   5.0.2195.4301   507,152   Lsasrv.dll (56-bit)
   09-Oct-2001   5.0.2195.4472   123,664   Adsldp.dll
   09-Oct-2001   5.0.2195.4308   130,832   Adsldpc.dll
   09-Oct-2001   5.0.2195.4016    62,736   Adsmsext.dll
   09-Oct-2001   5.0.2195.4384   364,816   Advapi32.dll
   09-Oct-2001   5.0.2195.4141   133,904   Dnsapi.dll
   09-Oct-2001   5.0.2195.4379    91,408   Dnsrslvr.dll
   09-Oct-2001   5.0.2195.4437   145,680   Kdcsvc.dll
   04-Oct-2001   5.0.2195.4471   199,440   Kerberos.dll
   04-Sep-2001   5.0.2195.4276    71,024   Ksecdd.sys
   27-Sep-2001   5.0.2195.4411   511,248   Lsasrv.dll
   06-Sep-2001   5.0.2195.4301    33,552   Lsass.exe
   27-Sep-2001   5.0.2195.4285   114,448   Msv1_0.dll
   09-Oct-2001   5.0.2195.4153   312,080   Netapi32.dll
   09-Oct-2001   5.0.2195.4357   370,448   Netlogon.dll
   09-Oct-2001   5.0.2195.4464   912,656   Ntdsa.dll
   09-Oct-2001   5.0.2195.4433   387,856   Samsrv.dll
   09-Oct-2001   5.0.2195.4117   111,376   Scecli.dll
   09-Oct-2001   5.0.2195.4476   299,792   Scesrv.dll
   09-Oct-2001   5.0.2195.4025    50,960   W32time.dll
   01-Aug-2001   5.0.2195.4025    56,592   W32tm.exe
   09-Oct-2001   5.0.2195.4433   125,712   Wldap32.dll

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Windows 2000 Service Pack 3.
Modification Type:MinorLast Reviewed:9/26/2005
Keywords:kbHotfixServer kbQFE kbbug kbDirServices kbenv kbfix kbnetwork kbWin2000sp3fix KB307725
©2004 Microsoft Corporation. All rights reserved.