sbalawajder

Active Directory corrupted can not boot into Windows

Ok here goes:

I had to reboot a DC this morning after it decided to blue screen for no apparent reason (said fatal logon error?)

Anyways, upon rebooting I get this error msg:

"lsass.exe    Security Accounts Manager Initialization failed because of the following error:  Directory Service can not start:  Error status 0xc00002e1.  Please check OK to shutdown and reboot into Directory Services Restore Mode, check event logs for more detailed information"

First reaction: "This can't be good". The other odd thing about this is that when the message popped up, my keyboard and mouse went on the fritz and I couldn't click or press enter or anything, so I did a hard power off.

Keyboard and mouse were on a KVM, so I figured "OK, plug in external keyboard/mouse"

I reboot again and try to boot into Directory Services Restore Mode, and the same error msg pops up, and my keyboard and mouse are locked up.

I have tried to reboot into every type of safe mode there is (including debugging mode), and the same error pops up and I can not do jack on this machine.  

Anyone out there have any ideas?  Any assistance would be GREATLY appreciated.

iCoreKC

Here is what I would do and have done several times.

If this is not the only DC, it goes without saying that the easiest and fastest thing would be to blow this server away and rebuild from scratch and then promote it to a DC in the domain.

Is this a possibility?
sbalawajder

ASKER

Well. We have a secondary DC, but shouldn't this pick up where the other one left off? It doesn't appear to be doing so.
Would rather not blow everything away... especially if I do not know if AD is existing somewhere!!

Hypercat (Deb)

Your secondary DC may not have all of the functionality it needs to run the domain by itself,  but it may still have a full working copy of Active Directory. First of all, you have to make sure that you have a working DNS server at this point.  On your existing DC, do you have DNS installed and running?  If so, you are in pretty good shape.  If not, you need to install DNS and configure it. If you have a backup of the server that crashed, you may be able to restore the DNS database to the running server. If not, you will need to rebuild your DNS database.

The next issue is DHCP. Again, if the running server has DHCP already installed, authorized, and configured with a working scope, you are in good shape there. If not, that's the second thing you'll need to do on your secondary DC.

Then you'll need to make sure that the running server is a GC and also seize all of the FSMO roles to that server.  

Once you've got all that done, you should be able to run your network without the crashed server until you can get it back up and running.

If any of this is unfamiliar to you, post back and we can give you some help with specific steps or articles to follow.
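
A read-only check for the items listed in the answer above (DNS, DHCP, global catalog, FSMO role holders), as an added example that is not part of the original thread. It assumes the ActiveDirectory PowerShell module is available on the surviving DC; `DC01-PLACEHOLDER` is a constructed name standing in for the crashed server.

```powershell
# Added example: read-only readiness check, run on the surviving DC.
# Assumes the ActiveDirectory module (Windows Server 2008 R2 or later).
Import-Module ActiveDirectory

$survivor = $env:COMPUTERNAME      # the DC this script runs on
$failedDc = 'DC01-PLACEHOLDER'     # constructed placeholder: name of the crashed DC

# 1. DNS and DHCP: are the server services installed and running here?
foreach ($name in 'DNS', 'DHCPServer') {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    if ($svc) { '{0,-11} {1}' -f $name, $svc.Status }
    else      { '{0,-11} not installed on {1}' -f $name, $survivor }
}

# 2. Global catalog: is this DC flagged as a GC?
$dc = Get-ADDomainController -Identity $survivor -Server $survivor
'Global catalog on {0}: {1}' -f $survivor, $dc.IsGlobalCatalog

# 3. FSMO roles, as recorded in this DC's own copy of the directory.
$domain = Get-ADDomain -Server $survivor
$forest = Get-ADForest -Server $survivor
$roles = @(
    @{ Role = 'PDCEmulator';          Holder = $domain.PDCEmulator }
    @{ Role = 'RIDMaster';            Holder = $domain.RIDMaster }
    @{ Role = 'InfrastructureMaster'; Holder = $domain.InfrastructureMaster }
    @{ Role = 'SchemaMaster';         Holder = $forest.SchemaMaster }
    @{ Role = 'DomainNamingMaster';   Holder = $forest.DomainNamingMaster }
)

foreach ($r in $roles) {
    # Holder is an FQDN; compare its host part with the crashed DC's name.
    $hostPart = ($r.Holder -split '\.')[0]
    if ($hostPart -ieq $failedDc)     { $state = 'held by crashed DC: needs seizing' }
    elseif ($hostPart -ieq $survivor) { $state = 'already on this DC' }
    else                              { $state = 'held by another DC' }
    '{0,-22} {1,-40} {2}' -f $r.Role, $r.Holder, $state
}
```

The script changes nothing on the server; any role it reports as held by the crashed DC is a candidate for the seizure step described in the answer.
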
ASKER CERTIFIED SOLUTION
iCoreKC

This solution is only available to members.

Well, after about 4 hours on the phone with Microsoft, our problem has been solved, somewhat.

Still having another problem, but I am putting that into another post. Will award points to iCore as the things he said to do were pretty much what Microsoft did for us.