Solved

Active Directory in the trashcan - Emptying the trashcan leads to disabled logins

Posted on 2004-08-30
17
725 Views
Last Modified: 2010-04-14
Hello,

my company will be taking over the networking responsibility for five servers on the 1. September 2004. Two of these servers, "Exchange", and "SRV01" has for some odd reason "the Active Directory in the trashcan".

We have been told that, if we empty the trashcan, "the whole network will go down the drain" - which I interpret as meaning that the users can no longer login. It is as bizarre as it is tragicomic.

We got this information from some accountants working there, who have some IT-skills, but are not on such a high level that they can really tell us what is going on.

Do anyone have some understanding of what has happened, why emptying the trashcan on these two servers leads to that netlogin is disabled, and what can we do to fix it?

Morten/MLD
-MCSE
0
Comment
Question by:Morten_Lillesand
  • 7
  • 4
  • 3
  • +1
17 Comments
 

Author Comment

by:Morten_Lillesand
ID: 11931162
When I say "Trashcan", i mean of course "recycle bin".
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11931200
??? whats in the recycle bin ?? <chuckle>

active directory lives in NTDS.dit can you locate this file on the hard drive?
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11931218
just when I thought I'd seen every possible question in this TA you come along and prove me wrong :)
0
 
LVL 16

Accepted Solution

by:
JamesDS earned 500 total points
ID: 11931294
PeteLong
stunning stuff!

It sounds like the thing to do here is build a new DC with the AD and SYSVOL in the right places!

This will tell you how to move the NTDS.DIT and Log Files:
http://support.microsoft.com/default.aspx?scid=kb;en-us;257420&sd=tech

This will tell you have to move SYSVOL:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part2/adogdapa.mspx#XSLTsection146121120120

Before we start, PLEASE tell me what's in the recycle bin, as I still can't believe what you're saying is even possible :)

Cheers

JamesDS
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11931320
I do hope its a shortcut to "active directory users and computers" ROFLMAO

but seeing as the poster is an MSCE I think the problem may well be slightly more serious <grin>

Id just DCPROMO another server seize the FSMO roles then demote and repromo the the other two
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11931331
Woah, drag the file to the desktop from the recycle bin. Let us know the size, extension and then open it up in notepad... and tell us what is says. It is most like just a link to the Active Directory provider under explorer or something...


J
0
 

Author Comment

by:Morten_Lillesand
ID: 11931332
Hi guys, thanks for your feedback.

I will pause this case for today, because I first get a chance to visit the customer tomrrow to find out what is in the recycle bin.

Yes, this is extremely odd. :-)

Looking forward to solve the problem together,

Morten/MLD
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11931353
OK Morten - Im gonna have to EMail this URL to my work address cause this Ive gotta see - let us know how you get on :)

Pete
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 16

Expert Comment

by:JamesDS
ID: 11931360
oooh, brutal :)

ROFLMAO - I second that, it's hard to type with tears in your eyes...

I reckon we can nail this one without anything quite so evil as a seizure. What happens if we try to restore the contents of the recycle bin to their original location??

That would seem to be the most obvious immediate action!

Cheers

JamesDS
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11931382
I am going to have to remember this... I think I will start dropping 0 byte files named Active Directory in the recycle bins on all of the computers, might not be the case here, but it should be pretty funny with my customers! ;)

J
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11931385
Id be backing up the system state before I do anything else - Though Im pretty sure that is impossible for AD to live in the recycle bin, how would the network know its recycler SID number?
0
 

Author Comment

by:Morten_Lillesand
ID: 11931425
Well, according to the information I have regarding these servers, there is one tape backup (DLT 160/320 or something) with remote agents on all, so the system state should be kept safe. I'm really looking forward to see what we dig up :-)
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11951839
How did it go?
0
 

Author Comment

by:Morten_Lillesand
ID: 11967133
Hi all!

Sorry this took so long - I first got a chance to visit them today.

Here is the contents of the recycle bin: http://www.mld.no/recycle_bin_horror.jpg

As you can see, they have [oddly enough] put the entire C:\WINNT\NTDS directory into the bin.

Still, the C:\WINNT\NTDS does exist on the drive as it should, and it contains the ntds.dit updated to 02.09.2004.

The C:\winnt\ntds contains: http://www.mld.no/c_winnt_ntds.jpg
The C:\winnt\sysvol contains: http://www.mld.no/c_winnt_sysvol.jpg

So why does the active directory stop working when we empty the recycle bin? Anyways, it sounds like you have a good proposal PeteLong in rebuilding the entire DC.

I'm puzzled. Looking forward to hear what you're saying.

Morten
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11967179
Well if you are going down the path or rebuilding, go ahead a nd empty the trash can. If the domain controller works fine and the folder does exist... it should not cause any problems... but be prepared.

J
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11968364
-Yeah vote #2 sysvol looks OK and it appears you have a 28Mb Active directory ntds.dit

if your worried back it up first, but Im willing to bet nothing will happen
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 11971594
Morten_Lillesand
What worries me is how they knew they had the AD in the recycle bin and how they knew that something would happen.

I would get the DB replicated off somewhere else and the GC and FSMOs transferred before I emptied it

Cheers

JamesDS
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Is your company's data protection keeping pace with virtualization? Here are 7 dynamic ways to adapt to rapid breakthroughs in technology.
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now