?
Solved

I deleted Default Domain Controllers policy !

Posted on 2003-03-19
28
Medium Priority
?
417 Views
Last Modified: 2010-04-13
I totally screwed up and deleted the Default Domain Controllers policy

I need to recreate it, but am not sure what the default properties are for the policy or how to go about recreating it.

I was getting an

"error 1332 No mapping between account names and security ids was done"

and that is why I was proceeding to remap the default policy for the Domain controler and deleted it like an idiot.  :-(
0
Comment
Question by:truckfanatic_com
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 13
  • 5
  • 5
  • +4
28 Comments
 
LVL 10

Expert Comment

by:pcbrat
ID: 8170424
Truckfanatic,

Try these links for me. They may help you find what you need and where to go. Let me know if this helps and keep us posted.

http://support.microsoft.com/default.aspx?scid=kb;en-us;226243

http://support.microsoft.com/default.aspx?scid=kb;en-us;322143

Dawne :)
0
 
LVL 1

Author Comment

by:truckfanatic_com
ID: 8174514
I will try this this morning and let you know if it worked.  Thanks so much for the help.  I swear I searched Tech net forever and found nothing.  Its all about the words you use...

I will let you know in a few hours.
0
 
LVL 1

Author Comment

by:truckfanatic_com
ID: 8176633
This only shows how to create a default GPO, not specifically the Domain Controller Default GPO.  Were close though...i feel it.
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 1

Author Comment

by:truckfanatic_com
ID: 8176718
OK, I am somewhat on the right path. I am in the Security Analysis and Configuration Snap-In, and I try to create a new Database and import the basicdc template, BUT it keeps saying "The Data is Invalid. Import Failed"
0
 
LVL 10

Expert Comment

by:pcbrat
ID: 8177158
Ok how many servers do you have that are Dcs in your network? Lets do a repair of the DC, and run a test using the DCdiag.exe. You will find the tools on the server CD.

Lets get the tools in and running t se where we stand.

I will wait for your posts.

Dawne :)
0
 
LVL 1

Author Comment

by:truckfanatic_com
ID: 8177503
Well, I had two, and decommissioned one.  That when all hell broke loose.  I 'dcpromo' the server I was decommissioning, then I took it out of the domain and put it it its own workgroup, then took it down.

The server is remote, so I have to get the disk and put it in the CD.   So lets continue with the results of the Diag tomorrow morning.  Thanks for the help.
0
 
LVL 1

Author Comment

by:truckfanatic_com
ID: 8182301
OK, I downloaded DCDIAG.exe and ran it, but came up with the following error...see screen shot link:

http://www.apollointernet.com/dcdiag_error.jpg

0
 
LVL 10

Expert Comment

by:pcbrat
ID: 8184478
Ok but what does your Event viewer say?
0
 
LVL 1

Author Comment

by:truckfanatic_com
ID: 8184512
Event Type:     Information
Event Source:     Application Popup
Event Category:     None
Event ID:     26
Date:          3/21/2003
Time:          2:39:18 PM
User:          N/A
Computer:     THOR
Description:
Application popup: dcdiag.exe - Entry Point Not Found : The procedure entry point DsIsMangledDnW could not be located in the dynamic link library NTDSAPI.dll.  
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8186533
pcbrat asked if I could take a look..

truckfanatic_com... do you have a system state backup of this server?  Not a complete backup, just system state.
0
 
LVL 1

Author Comment

by:truckfanatic_com
ID: 8197672
I wish.  Please dont scold me...I have the tape drive, just havent connected it yet :-(
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8197725
"Please dont scold me..."  By stating that you are begging for it.

Bad, bad, bad!!!!

There is to my knowledge no other known way to repair this other than from System State data.  Sorry, I could not be of more assistance.
0
 
LVL 1

Author Comment

by:truckfanatic_com
ID: 8197756
So, am I screwed?  :_-o  I had a feeling.

I guess it is time to backup Exchange server and start from scratch.

One last question.....If I couldnt find an answer to fix the problem, what do I do?  How do I stop the thread?
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8197838
Post a request in Commuinty Support to close this question, be sure to place a link to the question there.  Good luck with your client.

You may want to pop the drive from that box into the exchange server or another box and atleast get what data you can from it?
0
 
LVL 1

Author Comment

by:truckfanatic_com
ID: 8197905
Thanks for all the help....I will do it right this time :-)
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 8198769
PAQ'd and 500 points refunded

modulo

Community Support Moderator
Experts Exchange
0
 
LVL 10

Expert Comment

by:pcbrat
ID: 8204457
Thanks Geek for giving Truck a hand. I had to go away for the weekend, besides I figured he was kinda shot with no backup.

Good luck Truck hope all goes well.

Dawne :)
0
 
LVL 1

Author Comment

by:truckfanatic_com
ID: 8204483
:,-(  Its gonna ba a long weekend
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8204548
yup.
0
 
LVL 8

Expert Comment

by:netmage
ID: 8273522
There is a fix for this that resets it back to default.

oh too simple aswell, duh.
You guys were so close
Had your problem and was following this message thread for an idea.

The default policy is exactly the same as any other policy except it pertains to the domain controller organisational unit.

Here we go.

load active direcory users and computers.

right click the domain controller OU / properties.
select group policy.
add a new default policy.
rename it to the domain contoller policy
edit it.

It quite happily replicates to other domain controllers with the approriate permissions intact.

The actual problem i had differed in that the policy was corrupt and i couldn;t edit it but i was able to delete the reference to the policy and start a new one.


0
 
LVL 10

Expert Comment

by:pcbrat
ID: 8275158
Thanks Netmage. I will file this one away as a tidbit for future reference. As we all know its a little harder troubleshotting something your not really looking at on your own. Wish you would have let the questioner know though, probobally would have saved him a rebuild. (chuckle).

Dawne :)
0
 
LVL 1

Author Comment

by:truckfanatic_com
ID: 8275724
:-( Well, I did it any everything is humming along.  Thanks everyone, it wasnt as bad as I thought, only one whole night lost.

FYI:  PCBRAT and MSGEEK, I requested that you guys get 50 points each just for a thank in helping me try to resolve this.

PS: Netmage, close timing, but if I just had you around a week earlier :-)
0
 
LVL 8

Expert Comment

by:netmage
ID: 8275853
>PS: Netmage, close timing, but if I just had you around a week earlier :-)

Believe me, i was :-/
I'd tagged this message thread from the begining and couldn;t add anything.

Here's my story found out after a bit of investigation

Up to my neck in it with much the same mess and all cause cause some moron reset a server in a remote office cause he thought chkdsk was taking too long after his original reset cause the broadband went down or so he says.


The server enventually restarted and i don;t know how but the domain controller policy got chundered and replicated to all the other controllers. ( thought this wasn;t sposed to happen when it conflicts with the master controller)

This bumped all the terminal server users out with a lack of permission to logon locally and that where i came in.

At this point the general domain policy overrides saved my butt till i eventually setup a new domain controller policy.

lol, there are now trained and assigned server operators at these locations and a particular computer has no reset button.

Yeah, what a week.



 

0
 
LVL 1

Author Comment

by:truckfanatic_com
ID: 8279464
PCBRAT, please post a comment at this link so I can give you some thank you points:
http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20576018.html
0
 
LVL 1

Author Comment

by:truckfanatic_com
ID: 8279475
MSGEEK, Please post a comment at this link so I can give you some thank you points:
http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20576019.html
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8280627
Sorry I missed out on some of this, my power has been out sinece 4/3, great post.   :(
0
 

Expert Comment

by:evasion
ID: 8647381
I think the reason for the "dcdiag.exe - Entry Point Not Found : The procedure entry point DsIsMangledDnW could not be located in the dynamic link library NTDSAPI.dll." error is due to using an old version of DCDIAG.EXE.

If you are using Windows 2000 Service Pack 3, you need the updated version from here:

Windows 2000 Support Tools: DCDiag.exe Utility Update
http://www.microsoft.com/downloads/details.aspx?FamilyID=23870a87-8422-408c-9375-2d9aaf939fa3&DisplayLang=en

0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
We are witnesses that everyone is saying that our children shouldn't "play" with a technology because it is dangerous. This article is going to prove that they are wrong.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question