Event ID - 1016

Event Id1016
SourceMicrosoft-Windows-ActiveDirectory_DomainService
DescriptionAD_TERM could not be initialized because the schema could not be loaded. User Action Restart the directory service and try this task again. If this error continues to occur, restore the directory service from backup media.
Event InformationAccording to Microsoft :
Cause :
This event is logged when the AD_TERM could not be initialized because the schema could not be loaded.
Resolution :
Add memory or correct schema corruption
Event IDs 1016, 1135, 1140, 1141, 1208, and 1315 indicate there may be a low memory condition or schema corruption. Determining whether the issue is related to low memory is the least intrusive operation.Therefore first determine if low memory is the cause of the issue.
  1. To determine how much memory is available, click Start. In Start Search, type winver, and then press ENTER. The physical memory appears at the bottom of the dialog box. Click OK.
  2. You can check memory usage in Task Manager. To check memory usage, click Start. In Start Search, type taskmgr, and then press ENTER. Click Performance.
  3. You can also check virtual memory usage. To check virtual memory usage, click Start.In Start Search, type sysdm.cpl, click Advanced, and in Virtual memory click Change.
  4. In Total paging file size for all drives,compare the numbers from Recommended with the numbers from Currently allocated.If the numbers are the same, the server may be running low on virtual memory.
Can resolve memory issues by adding more physical memory or reducing the number of applications that are running on the computer.If the memory is operating within normal parameters, the server may have a corrupt schema. If unsure about the type of memory or the maximum physical memory capacity of the server, visit the manufacturer's web site or contact their support number for further information.
If the available memory is not low, then there is likely schema corruption. Perform the following procedures on the domain controller reporting the issue.After each procedure, check Event Viewer to see if this event continues to be reported.If the event continues to be reported, try the next procedure in the list.
  1. Enable diagnostic logging for the schema.
  2. Update the schema cache.
  3. Restart the directory service.
  4. Restore the Active Directory database from backup media.
To perform these procedures,must have membership in Domain Admins or must have been delegated the appropriate authority.
Enable diagnostic logging for the schema
To verify a successful update of the schema,can enable diagnostic logging for the schema. When diagnostic logging is enabled, a schema update produces Event ID 1582 in the Directory Service log of Event Viewer.To enable diagnostic logging for the schema, you must edit the registry.
To enable diagnostic logging for the schema:
  1. Open Registry Editor. To open Registry Editor, click Start.In Start Search, type regedit, and then press ENTER. If the User Account Control dialog box appears, confirm that the action it displays is what wanted, and then click Continue.
  2. In the registry location HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics, in the left pane, right-click the 24 DS Schema value, and then click Modify.
  3. Type 1 or higher (up to 5) for Value data to enable diagnostic logging for the schema.The higher the value, the more information is reported to the Directory Service log.
  4. Click OK.
Update the schema cache
To update the schema cache:
  1. Create a file to force a schema cache update using Ldifde.exe. Create a new text file named SchemaUp in a folder location that is convenient for you to access.
  2. Copy the following five lines of text, and then paste them as the contents of the SchemaUp.txt file.
    dn:
    changetype: modify
    add: schemaUpdateNow
    schemaUpdateNow: 1
  3. After you paste the text to the file, ensure that there are no line breaks (carriage returns) between each line of text.If there are line breaks, delete the empty lines. Ensure that you have a hyphen as the last line of text in the file.
  4. Save the file.
  5. Open a command prompt as an administrator. To open a command prompt as an administrator, click Start. In Start Search, type Command Prompt.At the top of the Start Menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
  6. Type ldif -i -f SchemaUp.txt, and then press ENTER. If necessary, type the file path to the text file that you saved.
  7. Open Event Viewer. To open Event Viewer, click Start. In Start Search, type eventvwr.msc, and then press ENTER.
  8. Expand Applications and Services Logs, and then click Directory Service.
  9. Look for Event ID 1582, which confirms that the schema cache was reloaded successfully. If do not see this event, click Find, type 1582, and then click Find Now. Event ID 1582 confirms that the schema cache was updated.
  10. Confirm that there are no Critical, Error, or Warning events related to the schema after the schema cache update. To locate events that are related to the schema, click Find, type DS Schema, and then click Find Next.
  11. Continue to click Find Next and review each event until you have verified that there are no Critical, Error, or Warning events that occured after the schema cache update.
Restart the directory service
To restart the directory service:
  1. Open a command prompt as an administrator. To open a command prompt as an administrator, click Start. In Start Search, type Command Prompt. At the top of the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
  2. At the command prompt, type net stop ntds & net start ntds, and then press ENTER.
If the event continues to appear in Event Viewer, restart the domain controller, and then check Event Viewer again.
May have to increase virtual memory or physical memory.
Restore the Active Directory database from backup media
To restore the Active Directory database from backup media,need the Directory Services Restore Mode password.If do not know the Directory Services Restore Mode password,can reset it by using the Ntdsutil tool
  1. At a command prompt that you opened as administrator, type bcdedit /set safeboot dsrepair, and then press ENTER.
  2. Restart the domain controller.
  3. At the Windows logon screen, click Switch User.
  4. Click Other User.
  5. Type .\administrator as the user name, type the Directory Services Restore Mode password for the server and then press ENTER.
  6. Click Start. In Start Search, type cmd, and then press ENTER.
  7. At the command prompt, type wbadmin get versions -backuptarget:targetDrive:, and then press ENTER. Substitute the location of the backup that you want to restore for targetDrive.
  8. Identify the version of the backup that you want to restore.Must enter this version exactly in the next step.
  9. Type wbadmin start systemstaterecovery -version:dateTime -backuptarget:targetDrive:-quiet, and then press ENTER. Substitute the version of the backup that you want to restore for dateTime and the volume that contains the backup for targetDrive.
  10. Open a command prompt, type bcdedit /deletevalue safeboot, and then press ENTER.
  11. After the recovery operation completes restart the domain controller.
Note : There is no need to attempt an authoritative restore because the schema cannot be restored by using an authoritative restore.
Reference LinksEvent ID 1016 from Source Microsoft-Windows-ActiveDirectory_DomainService

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.