Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

User accounts can  not login after successful AD restore

Posted on 2008-06-24
5
Medium Priority
?
1,216 Views
Last Modified: 2011-10-19
Hi To All, im happy that i could now perform DRP of AD and Exchange 2003:)

But after i closed my previous post regarding AD+exchange DRP with the help of one Expert, Fishdar (thank you friend!), i noticed that even i restored AD and was able login to client OS with the client user account, when i checked the ip address of the client machine i got 169.x.x.x ip address! (but i was able to login)- please see Error1.jpg attached snapshot file. Why the user account can log in even the machine has 169.x.x.x ip adrs?

Secondly, i noticed that the DHCP is not restored (probably this answered the question why the client machine got 169.x.x.x ip, but user account can login with this ip:(... ) so thats why restored the DHCP Db on my server and login to client machine locally with local admin account then release/renew the IP address, ok. i got 192.168.100.20 (first ip on my dhcp scope range), with this, i was able to launched nslookup with positive result! it can resolved my DNS server. please see Snap3.jpg-- After i got the new IP addrs, i logoff with the local admin account and login with domain user account- result- Failed, please see "Error4.jpg user login after ip renew"

Note: Domain admin account cannot able to login on my first statement with 169.x.x.x and also on my second statement with valid ip address on my dhcp range. please see error2.jpg

why? why? why? please i need your ideas on this.

Thank you.
-charles






error1.JPG
error2.JPG
Error4-user-login-after-ip-renew.JPG
Snap3-after-ip-addr-release-and-.JPG
0
Comment
Question by:charles_lawrence
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 5

Accepted Solution

by:
kanalQko earned 750 total points
ID: 21855730
at first, you had to perform authothive AD restore >>
http://support.microsoft.com/kb/241594
then you have to restore DHCP database and initialize it
0
 
LVL 3

Author Comment

by:charles_lawrence
ID: 21863599
whew!! still cannot get it!

this is what i have:
- full backup of main server(mainAD) thru NTbackup (FullBackupMainAD.bkf)
- virtual machine Restore server (DRserver), has the following:
            -no AD/ diff server hostname/ no ip config
            -same OS/service pack version as mainAD
            -same logical/partition size and as mainAD

this is what i did as AD DRP procedure as per the given link http://support.microsoft.com/kb/241594
1. reboot the virtual server DRserver in directory restore mode by pressing F8 during boot
2. Restore system state backup using NTbackup
3. Run NTDSUTIL after AD restored to make it authoritative restore.

Result:

Could not initialize the Jet Engine: Jet Warning 1

Authoritative Restore failed.
Error 8000ffff parsing input - illegal syntax?


- To address the issue in NTDSUTIL, I restart the DRserver after the AD restored
- then launched the NTDSUTIL command. successful!
- restore DHCP dB, ok. stop/restart DHCP services.ok
- i restart the DRserver, and also restart the virtual client OS (xppro)
- login to xppro machine with local administrator account, ap address release/ renew. ok. i got 192.168.100.20
- login to domain admin account! NO GO! the same error message, see Error4 snapshot
- login to domain user account, NO GO! the same error message, see Error4 snapshot


Please advise, any ideas is very much appreacited.

Thank you.
-charles




Error4-user-login-after-ip-renew.JPG
0
 
LVL 3

Author Comment

by:charles_lawrence
ID: 21872049
Any response??
0
 
LVL 3

Author Comment

by:charles_lawrence
ID: 21893301
whew!! Got it! i build dedicate Virtual Lab on this with single DC and clients then simulate DC restoration, result successful!...  and now!:) to whom ill give the points! Hi KanalOko, AFAIK, authoritative restore will come to the picture when i only have numerous DC on my environment and will decide if dB on the restore DC will be the authoritative for replication, but nevertheless, you response on my post, points for you! you gave the me the idea
and topic to look in to "authoritative restore".. Thank you!

-charles

0
 
LVL 5

Expert Comment

by:kanalQko
ID: 21897033
your welcome ;)
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question