Correction. I meant to say: " Esentutl utility with the /d switch ". Not Eseutil /d.
Sincerely, Jose Medeiros ADP | National Account Services ProBusiness Division | Information Services 925.737.7967 | 408-449-6621 CELL -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jose Medeiros Sent: Sunday, December 04, 2005 12:42 AM To: [email protected] Subject: Re: [ActiveDir] Ntds.dit file corruption Even if it's SCSI on a RAID 5 Array, you can still have corrupt clusters. A power outage or a hard reboot could have damaged the clusters on the drives. Try running Chkdsk /r. And I have an idea, but have not tried it yet, try running Eseutil /d after the chkdsk completes since it creates a new database, it may repair the problem. http://www.mcpmag.com/columns/article.asp?EditorialsID=330 Jose ----- Original Message ----- From: "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Sunday, December 04, 2005 12:13 AM Subject: Re: [ActiveDir] Ntds.dit file corruption > Nope just confirmed SCSI ...but there's still Dell hardware to lay blame > on here ;-) > > Brian Desmond wrote: > >>I think those are SATA only? >> >>Thanks, >>Brian Desmond >>[EMAIL PROTECTED] >> c - 312.731.3132 >> >> >>-----Original Message----- >>From: [EMAIL PROTECTED] >>[mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, >>CPA >>aka Ebitz - SBS Rocks [MVP] >>Sent: Sunday, December 04, 2005 2:21 AM >>To: [email protected] >>Subject: Re: [ActiveDir] Ntds.dit file corruption >> >>http://www.dell.com/downloads/global/products/pedge/en/sc1420_specs.pdf >> >>Well he said it's a Dell [ugh] 1420 but do not know if SATA or SCSI. >> >>Jose Medeiros wrote: >> >> >>>Hmm.. I have never experienced this with either McAfee or Symantec AV on >>>any of the DC's that I have built and or maintened. Have you had a >>>chance to run chkdsk /r yet? More then likely the problem is bad clusters >>>on the drive which caused the NTDS.DIT file to become corrupt. >>> >>>Was this server built using IDE /ATA/SATA drives? >>> >>> >>>Jose >>> >>> >>> >>>----- Original Message ----- From: "Susan Bradley, CPA aka Ebitz - SBS >>>Rocks [MVP]" <[EMAIL PROTECTED]> >>>To: <[email protected]> >>>Sent: Saturday, December 03, 2005 10:58 PM >>>Subject: [ActiveDir] Ntds.dit file corruption >>> >>> >>> >>>>SBS box [with Windows 2003 sp1 since September] >>>> >>>>RE: [ActiveDir] Database Corruption: >>>>http://www.mail-archive.com/[email protected]/msg32676.html >>>> >>>>We have a SBS 2003 sp1 box with a corrupt ntds.dit that the Consultant >>>>and PSS have been banging on. Could not get the services back running, >>>>changed the RPC service to local system and some service came back up [I >>>>don't have all the details but the consultant opened a support case of >>>>SRX051202605433]. >>>>Bottom line they are about going to give up and start a restore but >>>>before they do that I'd like to get the view of the AD gods and >>>>goddesses around here. From all that I've seen, read, seen in the SBS >>>>newsgroup, the corruption of ntds.dit is rare to nil and an underlying >>>>cause is hardware issues [raid, disk subsystem]. This doesn't just >>>>happen. >>>>The VAP asked if not properly excluding the ad databases from the a/v >>>>would cause this/trigger this and my expectation is 'no', given that I >>>>doubt the majority of us in SBSland properly set up exclusions >>>>Virus scanning recommendations on a Windows 2000 or on a Windows Server >>>>2003 domain controller: >>>>http://support.microsoft.com/default.aspx?scid=kb;en-us;822158 >>>> >>>>If this were my hardware and box, I'd be putting this sucker on the >>>>operating table and getting an autopsy before putting it back online. >>>> >>>>Are we right in being paranoid now about this hardware? For you guys in >>>>big server land you'd just slide over another box into that server role. >>>> >>>>--------------------------------------- >>>>Stupid question alert.... >>>> >>>>Okay so we know that having a secondary/additional domain controller is >>>>a good thing even in SBSland...but question.... many times the second >>>>server in SBSland is a terminal server box because we do not support TS >>>>in app mode on our PDCs. So we've established that having a domain >>>>controller and a terminal server is a security issue [see Windows >>>>Security resource kit, NIST Terminal services hardening guide, etc >>>>etc....] If our second server is a member server handing out TS >>>>externally, should that be a candidate for the additional DC? Are the >>>>issues of TS on a DC ... true for 'any' DC? Would it be better than to >>>>Vserver/VPC a Win2k3 inside a workstation in the network if a third >>>>server box was not feasible? >>>> >>>>List info : http://www.activedir.org/List.aspx >>>>List FAQ : http://www.activedir.org/ListFAQ.aspx >>>>List archive: >>>>http://www.mail-archive.com/activedir%40mail.activedir.org/ >>>List info : http://www.activedir.org/List.aspx >>>List FAQ : http://www.activedir.org/ListFAQ.aspx >>>List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ >>> >>> >>List info : http://www.activedir.org/List.aspx >>List FAQ : http://www.activedir.org/ListFAQ.aspx >>List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ >> >>List info : http://www.activedir.org/List.aspx >>List FAQ : http://www.activedir.org/ListFAQ.aspx >>List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ >> >> > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
