[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 505
  • Last Modified:

Local Policy database doesn't exist...

I am receiving continuous errors from my Windows 2000 ADV Server box, Source:ESENT {Microsoft Server Database Storage Engine) "services (304) Database recovery/restore failed with unexpected error - 1811.  I also receive continuous event application messages from ESENT "Unable to write a shadowed header for file c:\documents and Settings\Administrator\SECEDIT.SDB.  I checked the local policy database and I receive an error  "Windows cannot open the local policy database"  "The Database you are attempting to open does not exist".  I checked the administrator folder and it doesn't exist under C:\Documents and Settings.  I searched for secedit.sdb on C: and it was in c:\%systemroot%\security\database where it should be.  Does anyone know how to fix this problem?
0
mystikal1000
Asked:
mystikal1000
1 Solution
 
NetoMeter ScreencastsCommented:
Hi!
What are you running on this box - like DC, Exchange server?

NetoMeter
0
 
mystikal1000Author Commented:
Nope.
0
 
jdeclueCommented:
Create a new user and add the user to the Administrator Group. Log in as the user and see if everything works fine, this occurs when the Adminstrators profile has been deleted. If it is still occuring, you can try to create another user and add that one to the Administrator Group as well. Then open Local Security Policy, and add the FIRST user to all of the place that Administrator is located. When that is complete, copy the First Users profile, rename it to Administrator and then copy the new profile back to Documents and Settings, essentially recreateing the Administrators Profile.

J
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
mystikal1000Author Commented:
I deleted the security logs and rebooted the server to fix the problem.
0
 
jdeclueCommented:
hmm... that was easy, do you still have no Administrator profile on the local machine?

J
0
 
mystikal1000Author Commented:
I do.
0
 
jdeclueCommented:
oh. that was an odd one. Glad you got it fixed, and fast too;)

J
0
 
mystikal1000Author Commented:
Do you know why the secedit.sdb would be in a profile, since it is already in the security database folder in the systemroot?
0
 
kelo501Commented:
It might be added in there as a copy to speed up loging but you can always delete the admin profile and let it recreate at next logon.

Was your security log full?

kelo501
0
 
jdeclueCommented:
I dont think it was the secedit.sdb it was referring to, It was probably a bad message. It may have had to do with settings in the security policy that were associated with the Administrator account, they could include any event logging associated with the account or group. Those settings could be corrupted if the NTUSER.DAT file was deleted from the Administrators profile. When the administrator account logs in and their is no Documents or Settings and no place for a profile then the HKEY_USERS key read from the NTUSER.DAT is going to get screwed up. I am still confused as to why the Administrator account has no profile or folder in Documents and Settings.

J
0

Featured Post

[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now