AD DS: The domain controller must be able to connect to the RID master in this domain

Published: April 23, 2009

Updated: August 31, 2012

Applies To: Windows Server 2008 R2, Windows Server 2012

This topic is intended to address a specific issue identified by a Best Practices Analyzer scan. You should apply the information in this topic only to computers that have had the Active Directory Domain Services Best Practices Analyzer run against them and are experiencing the issue addressed by this topic. For more information about best practices and scans, see Best Practices Analyzer (

Operating System

Windows Server 2008 R2

Windows Server 2012


Active Directory Domain Services (AD DS)






The domain controller cannot connect to the relative ID (RID) master in this domain.


When it runs out of the allocated set of RIDs, the domain controller will not be able to generate RIDs for new objects.


Make sure that this domain controller is connected to the RID master in this domain.

Troubleshoot the domain controller that cannot connect to the RID master in the domain. If the issue is not identified and resolved, troubleshoot the domain controller that owns the RID operations master (also known as flexible single master operations or FSMO) role. For more information, see Responding to operations master failures (

Additional references

For more information, see Operations master roles (