Solved

User accounts can  not login after successful AD restore

Posted on 2008-06-24
5
1,214 Views
Last Modified: 2011-10-19
Hi To All, im happy that i could now perform DRP of AD and Exchange 2003:)

But after i closed my previous post regarding AD+exchange DRP with the help of one Expert, Fishdar (thank you friend!), i noticed that even i restored AD and was able login to client OS with the client user account, when i checked the ip address of the client machine i got 169.x.x.x ip address! (but i was able to login)- please see Error1.jpg attached snapshot file. Why the user account can log in even the machine has 169.x.x.x ip adrs?

Secondly, i noticed that the DHCP is not restored (probably this answered the question why the client machine got 169.x.x.x ip, but user account can login with this ip:(... ) so thats why restored the DHCP Db on my server and login to client machine locally with local admin account then release/renew the IP address, ok. i got 192.168.100.20 (first ip on my dhcp scope range), with this, i was able to launched nslookup with positive result! it can resolved my DNS server. please see Snap3.jpg-- After i got the new IP addrs, i logoff with the local admin account and login with domain user account- result- Failed, please see "Error4.jpg user login after ip renew"

Note: Domain admin account cannot able to login on my first statement with 169.x.x.x and also on my second statement with valid ip address on my dhcp range. please see error2.jpg

why? why? why? please i need your ideas on this.

Thank you.
-charles






error1.JPG
error2.JPG
Error4-user-login-after-ip-renew.JPG
Snap3-after-ip-addr-release-and-.JPG
0
Comment
Question by:charles_lawrence
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 5

Accepted Solution

by:
kanalQko earned 250 total points
ID: 21855730
at first, you had to perform authothive AD restore >>
http://support.microsoft.com/kb/241594
then you have to restore DHCP database and initialize it
0
 
LVL 3

Author Comment

by:charles_lawrence
ID: 21863599
whew!! still cannot get it!

this is what i have:
- full backup of main server(mainAD) thru NTbackup (FullBackupMainAD.bkf)
- virtual machine Restore server (DRserver), has the following:
            -no AD/ diff server hostname/ no ip config
            -same OS/service pack version as mainAD
            -same logical/partition size and as mainAD

this is what i did as AD DRP procedure as per the given link http://support.microsoft.com/kb/241594
1. reboot the virtual server DRserver in directory restore mode by pressing F8 during boot
2. Restore system state backup using NTbackup
3. Run NTDSUTIL after AD restored to make it authoritative restore.

Result:

Could not initialize the Jet Engine: Jet Warning 1

Authoritative Restore failed.
Error 8000ffff parsing input - illegal syntax?


- To address the issue in NTDSUTIL, I restart the DRserver after the AD restored
- then launched the NTDSUTIL command. successful!
- restore DHCP dB, ok. stop/restart DHCP services.ok
- i restart the DRserver, and also restart the virtual client OS (xppro)
- login to xppro machine with local administrator account, ap address release/ renew. ok. i got 192.168.100.20
- login to domain admin account! NO GO! the same error message, see Error4 snapshot
- login to domain user account, NO GO! the same error message, see Error4 snapshot


Please advise, any ideas is very much appreacited.

Thank you.
-charles




Error4-user-login-after-ip-renew.JPG
0
 
LVL 3

Author Comment

by:charles_lawrence
ID: 21872049
Any response??
0
 
LVL 3

Author Comment

by:charles_lawrence
ID: 21893301
whew!! Got it! i build dedicate Virtual Lab on this with single DC and clients then simulate DC restoration, result successful!...  and now!:) to whom ill give the points! Hi KanalOko, AFAIK, authoritative restore will come to the picture when i only have numerous DC on my environment and will decide if dB on the restore DC will be the authoritative for replication, but nevertheless, you response on my post, points for you! you gave the me the idea
and topic to look in to "authoritative restore".. Thank you!

-charles

0
 
LVL 5

Expert Comment

by:kanalQko
ID: 21897033
your welcome ;)
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question