Active Directory Forest Recovery - Invalidate the current RID pool

Applies to: Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 and 2012 R2, Windows Server 2008 and 2008 R2

Use the following procedure to use Windows PowerShell to invalidate the current RID pool on a domain controller. Windows PowerShell is enabled by default on Windows Server 2012 and Windows Server 2008 R2, but not Windows Server 2008 where it must be installed by using Add Features. It can be downloaded to run on Windows Server 2003.

To verify the command completed successfully, check for event ID 16654 (source is Directory-Services-SAM) in the System log in Event Viewer in Windows Server 2012. Earlier versions of Windows don't log this event.

Note

After you invalidate the RID pool, you will receive an error when you first attempt to create security principal (user, computer, or group). The attempt to create an object triggers a request for a new RID pool. Retry of the operation succeeds because the new RID pool will be allocated.

Invalidate the current RID pool

• Open an elevated Windows PowerShell session, run the following command and press ENTER:

  $Domain = New-Object System.DirectoryServices.DirectoryEntry
  $DomainSid = $Domain.objectSid
  $RootDSE = New-Object System.DirectoryServices.DirectoryEntry("LDAP://RootDSE")
  $RootDSE.UsePropertyCache = $false
  $RootDSE.Put("invalidateRidPool", $DomainSid.Value)
  $RootDSE.SetInfo()
  

Next steps

• AD Forest Recovery - Prerequisites
• AD Forest Recovery - Devise a custom forest recovery plan
• AD Forest Recovery - Steps to restore the forest
• AD Forest Recovery - Identify the problem
• AD Forest Recovery - Determine how to recover
• AD Forest Recovery - Perform initial recovery
• AD Forest Recovery - Procedures
• AD Forest Recovery - Frequently Asked Questions (FAQ)
• AD Forest Recovery - Recover a single domain within a multidomain forest
• AD Forest Recovery - Redeploy remaining DCs
• AD Forest Recovery - Virtualization
• AD Forest Recovery - Cleanup