Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

win2k server shows as a dc but no domain...

Posted on 2004-05-03
9
Medium Priority
?
559 Views
Last Modified: 2010-04-13
I've been asked to fix a server that has no backup, no erd, and had a hard boot due to a power failure. Upon booting up I get a sam error. I can get in using directory services restore moded. If I look at the properties, the computer name is correct (phs04.parkview.sps.org) but the domain show 'none'. I cant run dcpromo from this condition. Suggestions?
0
Comment
Question by:gaskew
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 10977639
is it the only domain controller for the domain?
0
 

Author Comment

by:gaskew
ID: 10977647
I should also state that I've tried to restore the ntds.dit by ntdsutil and esentutl /r. The esentutl completed but made no difference upon boot.
0
 

Author Comment

by:gaskew
ID: 10977649
No, thats one good thing. They have three more dc's
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
LVL 57

Expert Comment

by:Pete Long
ID: 10977729
well its a good thing if the others hold the FSMO roles? if not your gonna need to seize them on another DC

1.      On any domain controller, click Start, click Run, type ntdsutil in the Open box, and then click OK.

Note Microsoft recommends that you use the domain controller that is taking the FSMO roles.
2.      Type roles, and then press ENTER.

To see a list of available commands at any of the prompts in the Ntdsutil tool, type ?, and then press ENTER.
3.      Type connections, and then press ENTER.
4.      Type connect to server servername, where servername is the name of the server you want to use, and then press ENTER.
5.      At the server connections: prompt, type q, and then press ENTER again.
6.      Type seize role, where role is the role you want to seize. For a list of roles that you can seize, type ? at the Fsmo maintenance: prompt, and then press ENTER, or consult the list of roles at the beginning of this article. For example, to seize the RID Master role, you would type seize rid master. The one exception is for the PDC Emulator role, whose syntax would be "seize pdc" and not "seize pdc emulator".

Note All five roles need to be in the forest. If the first domain controller is out of the forest then seize all roles. Determine which roles are to be on which remaining domain controllers so that all five roles are not on only one server.

Microsoft recommends that you only seize all roles when the other domain controller is not returning to the domain, otherwise fix the broken domain controller with the roles.

If the original domain controller with the FSMO roles is still online, transfer the roles. Type transfer role.
7.      After you seize or transfer the roles, type q, and then press ENTER until you quit the Ntdsutil tool.
Note Do not put the Infrastructure Master role on the same domain controller as the global catalog.
http://support.microsoft.com/default.aspx?scid=kb;EN-US;197132

To check if a domain controller is also a global catalog server:
1.      Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Sites and Services.
2.      Double-click Sites in the left pane, and then browse to the appropriate site or click Default-first-site-name if no other sites are available.
3.      Open the Servers folder, and then click the domain controller.
4.      In the domain controller's folder, double-click NTDS Settings.
5.      On the Action menu, click Properties.
6.      On the General tab, locate the Global Catalog check box to see if it is selected.
*****References*****

Using Ntdsutil.exe to Seize or Transfer FSMO Roles to a Domain Controller
http://support.microsoft.com/?kbid=255504

Windows 2000 Active Directory FSMO Roles
http://support.microsoft.com/default.aspx?scid=kb;EN-US;197132

Flexible Single Master Operation Transfer and Seizure Process
http://support.microsoft.com/default.aspx?scid=kb;EN-US;223787
0
 

Author Comment

by:gaskew
ID: 10977960
all roles are not on PHS02 (the one in question).
0
 

Author Comment

by:gaskew
ID: 10978058
To explain a little further. When I boot up the phs02 server, I get the message, "Security Accounts Manager Initialization failed because of the following error: Directory Services cannot start"

all fsmo roles, including GC, are on phs03
0
 
LVL 57

Accepted Solution

by:
Pete Long earned 1500 total points
ID: 10978227
Error Message: Lsass.exe - System Error : Security Accounts Manager Initialization Failed Because of the...
http://support.microsoft.com/default.aspx?scid=kb;EN-US;258007

as youve suddenly started seeing LSaSS errors Id start getting worried about the Sasser Worm?
0
 

Author Comment

by:gaskew
ID: 10978527
I wanted to give you points for all the hard work. Heres what I did to make it work:
regedit to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions
Edit the ProductType value name and change the data value from LanmanNT to ServerNT
rebooted

amazingly it came back as a member server in the correct domain!

Thanks for everything.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 10978560
Thats a fantactic reg hack, and one Ive not seen before, thanks for posting that, the question now has some outstanding PAQ value.

ThanQ - Glad you are fixed :)

Pete
www.petenetlive.com
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
With so many activities to perform, Exchange administrators are always busy in organizations. If everything, including Exchange Servers, Outlook clients, and Office 365 accounts work without any issues, they can sit and relax. But unfortunately, it…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question