RE: [ActiveDir] More Server problems

[Stockbrugger, Brian L.]

Hello – I am new to this list serve but hopefully I can give some advice.   By the sounds of things you have two domain controllers – your “main DC” which has the problem and a 2nd DC that does not have DNS installed.  If you remove the “main DC” and rebuild it, this will leave you with one DC while you rebuild the problem server.  I agree completely with Tony that this is probably the best thing to do in this situation.  If this is the case you may want to as a precaution install a 3rd DC before you take the problem one off-line.  Even if it is an old desktop to backup your AD database and make it a GC just so you have some redundancy while you rebuild your “main” DC.   Here is a good starting article on some AD recovery techniques to seize various roles. http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/support/adrecov.mspx   You don’t mention a backup DNS server anywhere so if that is the case then the big challenge will be getting DNS working on the 2nd box (and 3rd box – if you choose) while you rebuild the problem box so service is maintained.  Especially since clients are pointing to the “main” DC.  You may need to install DNS on the 2nd DC and duplicate the DNS zones from the “main DC” and make the zones AD-integrated if they aren’t already before you take it off-line.  You will then need to point all clients to this 2nd DNS server so DNS resolution does not fail while you take the problem DC off-line for rebuild.  Clearly there are many more steps and the following guide can also be of some assistance.  My biggest piece of advice would be to never leave one DC alone on the network.  If it fails things will get real ugly real quick.   http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part2/adogdapb.mspx   I hope this helps.   Brian   -----Original Message----- From: Jacob Stabl [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 10, 2004 1:45 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] More Server problems   Yes it does do DNS, and everything else it was the first DC in the enterprise.  I have one backup currently that does nothing but authentication, it is not a dns or anything.  I will need to move those roles over to the backup DC, can you point me in a direction on technet for what I need to be reading.  I will want to move those roles back to the machine because the other DC is currenly doing a lot on its own (AV, DHCP, etc.).     -- Jake   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Tuesday, August 10, 2004 4:30 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] More Server problems   Jake   >From the ongoing problems it sounds like your server is  basically unstable. You mention that it is the "main DC".  Not sure what you mean by this (that it has some FSMO roles, DNS, WINS, GC...?).  In any case, as you have other DCs one option you have is to rebuild the problem DC from scratch, during which the other DC(s) provide continued service.  Before you do this you will need to make sure that any roles, services, etc. that are hosted on the problem DC are transferred or made available on another DC in the same site.   There is some good info in the Microsoft Knowledge Base about how to prepare for this type of rebuild.   Tony ---------- Original Message ---------------------------------- Wrom: MVRESKPNKMBIPBARHDMNNSKVFVWRKJVZCMHVIBGDAD Reply-To: [EMAIL PROTECTED] Date:  Tue, 10 Aug 2004 12:39:40 -0400   Hello all a few weeks ago I sent an email out saying that the lsass.exe service was shutting down on me.  I applied patch MS04-11 (I think) and that seemed to work, now on the same machine I went to log in and it says:    The server can not log you on due to the following error:   The network request is not supported:   Please try again or contact your system administrator.   I have no idea what this is trying to tell me but I can not log in as any user, administrator, or me which is an administrator.  I am afraid to hit the reset button on the box because it will not be a safe shutdown.  Anyone know of a fix for this.  This is the main DC and it has been having lots of trouble.   -- Jacob Stabl Network Engineer Plain Local Schools http://plainlocal.org Work: 330.492.3500 x.383 Cell: 330.704.1278   List info   : http://www.activedir.org/mail_list.htm List FAQ    : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/             ________________________________________________________________ Sent via the WebMail system at mail.activedir.org                          List info   : http://www.activedir.org/mail_list.htm List FAQ    : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/   List info   : http://www.activedir.org/mail_list.htm List FAQ    : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/