AMWINS
asked on
Domain Controller
I have a Domain Controller that has crashed, running in a muliple domain controller environment(win2k sp4), I am unable to logon into the machine and run dcpromo to demote to member server.
Is there any way to manually remove the domain controller from active directory.
Is there any way to manually remove the domain controller from active directory.
First you will need to logon to that machine somehow... what are the symptoms? Are you bluescreening? Just need a little more info here...
FE
FE
When u say unable to logon into the machine, do u mean access denied? If so, you may wanna try using rawrite to hack into your system first then run dcpromo again.
OR simply disconnect it from the other DCs and run dcpromo to remove it from their AD, then you can simply reinstall/reformat/do anything you want with the defective machine.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yeah sorry, when I said can not log into the machine, I dont even get far enough into the boot to get prompted to login.
I had a blue screen(ntoskrnl.exe) then everytime after that I get an error that says
LSASS.exe - System Error
Directory Services could not start because of the following error. The system can not find the file specified. Error status 0xc000000f. Please click OK to shutdown this system and reboot into directory services restore mode, check the event log for more detailed information.
I had tried to boot into safe mode(no luck) I also tried to repair from CD, if found a bunch of files that it repaired but still no luck.
I was weary about using the DSRM, just didnt want to corrupt the rest of AD through out the domain.
Hope this extra information helps.
I think now that someone has posted about using the DSRM, and had gotten that same Q article to reference I might try that, but if anyone else comes up with anything it would be greatly apprciated.
TIA
I had a blue screen(ntoskrnl.exe) then everytime after that I get an error that says
LSASS.exe - System Error
Directory Services could not start because of the following error. The system can not find the file specified. Error status 0xc000000f. Please click OK to shutdown this system and reboot into directory services restore mode, check the event log for more detailed information.
I had tried to boot into safe mode(no luck) I also tried to repair from CD, if found a bunch of files that it repaired but still no luck.
I was weary about using the DSRM, just didnt want to corrupt the rest of AD through out the domain.
Hope this extra information helps.
I think now that someone has posted about using the DSRM, and had gotten that same Q article to reference I might try that, but if anyone else comes up with anything it would be greatly apprciated.
TIA
yea... here is the error: http://support.microsoft.com/default.aspx?scid=kb;EN-US;258007
First, i would disconnect it from the Domain (pull the wire).. then logon as above with DSRM and try the fix...
First, i would disconnect it from the Domain (pull the wire).. then logon as above with DSRM and try the fix...
ASKER
Thanks FE your first post with Q216498 article seem to do the trick, I actaully had to run it from another DC to complete because even after running the DSRM on that machine it put it into safe mode with no way to log in, then when it went through the reboot again normally still gave the same error. Luckily it was a (expendable server) only running certain services which have been moved. The server will have to be rebuilt but at least AD has been cleaned up, with no errors.
Thanks for you help.
Thanks for you help.
VERY cool... glad we could be of help.. Come back again..
and thank you.. :)
FE
and thank you.. :)
FE
Hmmm, the same article I posted above?
Wow... it is the same link... never noticed..!!!
Steven... go here...
https://www.experts-exchange.com/questions/20876242/Points-For-stevenlewis.html
FE
Steven... go here...
https://www.experts-exchange.com/questions/20876242/Points-For-stevenlewis.html
FE
see if this helphttp://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q216/4/98.ASP&NoWebContent=1