Solved

Additional Domain Controller either does not exist or could not be contacted.

Posted on 2008-06-16
7
237 Views
Last Modified: 2010-04-18
Hello,
We have a problem with Windows 2003 SP2 Domain Controller. On booting, it gave the following error message:
"lsass.exe-system error: Security Accounts Manager initialization failed" error message and event ID 1168 is logged when you restart a Windows Server 2003 domain controller.
We boot the system to Active Directory restore mode but we cannot logon to the system so the only option left is to restore from Backup using Symantec Backup Exec.
We did a full restore including the system state; but on reboot the system came up with the same error message
"lsass.exe-system error: Security Accounts Manager initialization failed"
So we decided to seize the entire five roles on the Domain Controller unto the additional Domain Controller. After seizing all the roles, we experience the following problems:
1.      Users cannot logon to the domain
2.      The additional domain controller cannot be connected to from the network using remote desktop
3.      Exchange services did not start

How can I get this additional domain controller to work so that at least my domain can come up and work can continue in my office while I battle with initial error?
Please help!!!
0
Comment
Question by:BABAJIDEFET
  • 2
  • 2
7 Comments
 
LVL 51

Expert Comment

by:Netman66
ID: 21798660
Make the other (remaining) DC a Global Catalog.
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 21801221
There are known issues with 2003 server SP2:
Maybe this will help.
http://www.lan-2-wan.com/2003-SP2.htm
0
 

Author Comment

by:BABAJIDEFET
ID: 21803178
the machine is already a global catalog server but its not working, it does not authenticate users and its generally invisible on the network.
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 250 total points
ID: 21804409
Check DNS to be sure the SRV record exists in _msdcs.

You may need to change the NIC settings to point only to itself for DNS and restart the Netlogon service to register properly.
0
 
LVL 38

Assisted Solution

by:ChiefIT
ChiefIT earned 250 total points
ID: 21806587
I totally agree with what netman just sated:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23356031.html
______________________________________________________________________
If the above doesn't work:
The netlogon service and browser service share a couple things in common.

Both use Netbios. Both use Netbios ports 137,138, and 139

Here, this will back me up on this claim:
http://www.microsoft.com/smallbusiness/support/articles/ref_net_ports_ms_prod.mspx

Make sure Netbios over TCP/IP is enabled on the server.
Make sure Netbios ports are available between the clients and server. You can do this by performing a telnet connection to those ports.

If this is set up in a VPN scenario, you may have to use WINS. Netbios broadcasts will not propogate over NAT and a VPN tunnel.


0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question