Hi Ken
Sounds like you're having fun. :-) Your 2 options are either to restore from a good backup or re-install. If you go for a restore, you need to work with a backup from that machine (it is not possible to use a backup from a different DC). You also need to think about how to handle any FSMO roles that machine may have had. Another consideration is tombstone lifetime (default=60 days), if the problem has been going on for longer than this. It might be easier to re-install. Given that it has been down for a while, it is obviously not time-critical. You need to think about the impact of replication on the network, especially if you have slow WAN links and a large AD database. A good starting point for this is the Active Directory Disaster Recovery white paper. http://www.microsoft.com/WINDOWS2000/techinfo/administration/activedirectory/addrstep.asp Tony -----Original Message----- From: Rinehart, Ken [mailto:[EMAIL PROTECTED]] Sent: Freitag, 15. M�rz 2002 20:03 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] AD restore mode The machine has been rebooting itself in an edless loop for at least a month. I just stumbled upon it because it's located in an area that isn't visited much. I haven't seen anything weird in AD other than a mention of not being able to replicate to all DCs in the site which may explain why I was getting that error. Looks like it's back to doing the same thing again. What is the best way to rebuild this guy? Wipe it clean, reinstall W2K server then DCPROMO using the same name it had? Ken -----Original Message----- From: SALANDRA, JUSTIN [mailto:[EMAIL PROTECTED]] Sent: Friday, March 15, 2002 10:46 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] AD restore mode You may have to cease the roll of that operation master to a different role for the time being. It sounds like the machine is just not liking you right now. What were you doing before this happened on the machine? Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> -----Original Message----- From: Rinehart, Ken [mailto:[EMAIL PROTECTED]] Sent: Friday, March 15, 2002 1:38 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] AD restore mode Interesting. Well after playing around I figured out a way to "fix" the database on that machine using eseututl This infact cleared up the inconsistancies in the DB and now the machine will boot up but I can't login! Administrator passwords don't work. It doesn't help that we don't know much about this machine. I believe it is the forest and infrastructure controller for our root domain. Ken -----Original Message----- From: SALANDRA, JUSTIN [mailto:[EMAIL PROTECTED]] Sent: Friday, March 15, 2002 10:17 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] AD restore mode Your restore won't mean anything if you do not go into ntdsutil and make that servers copy of AD the authoritative copy that will be replicated to all other servers. Do all the other servers have the same issue? If they don't then I don't think it is an issue with AD, it may just be an issue with the OS of the server or something else to that affect. Remember that if you end up having to rebuild the machine, you need to clean up the metadatabase before re dcpromoing the DC with the same name. You only need to do this if you can't run dcpromo on the machine prior to rebuilding it. Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> -----Original Message----- From: Rinehart, Ken [mailto:[EMAIL PROTECTED]] Sent: Friday, March 15, 2002 12:23 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] AD restore mode Anyone familiar with using the AD restore mode? I have an issue with a domain controller that boots up to an error stating that SAM initilization failed because AD couldn't start. Get a hex error 0xc00002e1. I've got a few tech articles on the MS site but don't really address the issue. I'm guessing that I'll need to restore the AD from a backup off of another machine? Is this correct? And is authoratative the right way to go in this case since this isn't the 1st DC in my domain I've got 3 or 4 others. Thanks Ken <mailto:[EMAIL PROTECTED]> List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
