Local Policy database doesn't exist...

I am receiving continuous errors from my Windows 2000 ADV Server box, Source:ESENT {Microsoft Server Database Storage Engine) "services (304) Database recovery/restore failed with unexpected error - 1811.  I also receive continuous event application messages from ESENT "Unable to write a shadowed header for file c:\documents and Settings\Administrator\SECEDIT.SDB.  I checked the local policy database and I receive an error  "Windows cannot open the local policy database"  "The Database you are attempting to open does not exist".  I checked the administrator folder and it doesn't exist under C:\Documents and Settings.  I searched for secedit.sdb on C: and it was in c:\%systemroot%\security\database where it should be.  Does anyone know how to fix this problem?
LVL 1
mystikal1000Asked:
Who is Participating?
 
jdeclueConnect With a Mentor Commented:
I dont think it was the secedit.sdb it was referring to, It was probably a bad message. It may have had to do with settings in the security policy that were associated with the Administrator account, they could include any event logging associated with the account or group. Those settings could be corrupted if the NTUSER.DAT file was deleted from the Administrators profile. When the administrator account logs in and their is no Documents or Settings and no place for a profile then the HKEY_USERS key read from the NTUSER.DAT is going to get screwed up. I am still confused as to why the Administrator account has no profile or folder in Documents and Settings.

J
0
 
NetoMeter ScreencastsCommented:
Hi!
What are you running on this box - like DC, Exchange server?

NetoMeter
0
 
mystikal1000Author Commented:
Nope.
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

 
jdeclueCommented:
Create a new user and add the user to the Administrator Group. Log in as the user and see if everything works fine, this occurs when the Adminstrators profile has been deleted. If it is still occuring, you can try to create another user and add that one to the Administrator Group as well. Then open Local Security Policy, and add the FIRST user to all of the place that Administrator is located. When that is complete, copy the First Users profile, rename it to Administrator and then copy the new profile back to Documents and Settings, essentially recreateing the Administrators Profile.

J
0
 
mystikal1000Author Commented:
I deleted the security logs and rebooted the server to fix the problem.
0
 
jdeclueCommented:
hmm... that was easy, do you still have no Administrator profile on the local machine?

J
0
 
mystikal1000Author Commented:
I do.
0
 
jdeclueCommented:
oh. that was an odd one. Glad you got it fixed, and fast too;)

J
0
 
mystikal1000Author Commented:
Do you know why the secedit.sdb would be in a profile, since it is already in the security database folder in the systemroot?
0
 
kelo501Commented:
It might be added in there as a copy to speed up loging but you can always delete the admin profile and let it recreate at next logon.

Was your security log full?

kelo501
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.