Windows Server 2003 R2 "Directory Service cannot start" problem
I use a Windows 2003 Server as a file server, Domain Controller and Exchange 2003 server. The config stays pretty much the same all the time - I never add or delete users or change the AD settings. So I've been lazy about backups and don't have any recent backups (all well over 90 days old). This morning, it fails during bootup with "Directory Service cannot start - click ok to shutdown and restart in Directory Services Restore Mode". It would not be a disaster if I had to rebuild it from scratch except that it has a lot of stored emails in the Exchange server.
I'm able to log in under Directory Services Restore Mode, but cannot run exmerge.exe to extract the emails from Exchange because it appears to need the Directory Services. If I restore the System State using one of my old backups, there is a risk that it will trash everything because the backup is too old (more than the "tombstone" date). Is there a solution?
I'm able to log in under Directory Services Restore Mode, but cannot run exmerge.exe to extract the emails from Exchange because it appears to need the Directory Services. If I restore the System State using one of my old backups, there is a risk that it will trash everything because the backup is too old (more than the "tombstone" date). Is there a solution?
Any error messages in the logs, or pop-ups?
ASKER
Pop-up during boot says roughly what I quoted above "Directory Service cannot start - click ok to shutdown and restart in Directory Services Restore Mode". Once logged in, the event log for Directory Service has the following errors:
NTDS ISAM, Event ID 454, NTDS (464) NTDSA: Database recovery/restore failed with unexpected error -501.
NTDS General, Event ID 1168, Internal error: An Active Directory error has occurred, additional data: Error value (decimal) -501, hex fffffe0b, Internal ID 40749
NTDS General, Event ID 1003, Active Directory could not be initialised. The operating system cannot recover from this error. User Action: Restore the local domain controller from backup media.
It doesn't sound good, does it!
(I'll be out for about 1 hour now - got to see the dentist. Not my lucky day!!)
NTDS ISAM, Event ID 454, NTDS (464) NTDSA: Database recovery/restore failed with unexpected error -501.
NTDS General, Event ID 1168, Internal error: An Active Directory error has occurred, additional data: Error value (decimal) -501, hex fffffe0b, Internal ID 40749
NTDS General, Event ID 1003, Active Directory could not be initialised. The operating system cannot recover from this error. User Action: Restore the local domain controller from backup media.
It doesn't sound good, does it!
(I'll be out for about 1 hour now - got to see the dentist. Not my lucky day!!)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Brian. Your contribution is much appreciated, but can you point me in the right direction as to how I set about "testing the I/O subsystem" please?
For info: The server has a pair of mirrored Western Digital SATA hard disks using the onboard Intel 82801FR RAID controller on an ASUS P5GD1 motherboard. RAID management software is Intel Matrix and it reports the status of both disks as normal. It has 2GB of memory.
I suspect that one of the contributory factors to the problems I see on this server (this is not the first problem it has had) is the fact that I shut it down every evening and restart it again the next morning. It seems to me that Windows Server is much happier when left running 24x7. The fact that it is a DC and has Exchange 2003 installed on it may also not help, but it does not get heavily used for anything.
For info: The server has a pair of mirrored Western Digital SATA hard disks using the onboard Intel 82801FR RAID controller on an ASUS P5GD1 motherboard. RAID management software is Intel Matrix and it reports the status of both disks as normal. It has 2GB of memory.
I suspect that one of the contributory factors to the problems I see on this server (this is not the first problem it has had) is the fact that I shut it down every evening and restart it again the next morning. It seems to me that Windows Server is much happier when left running 24x7. The fact that it is a DC and has Exchange 2003 installed on it may also not help, but it does not get heavily used for anything.
Gracefully shutting down a server should not cause physical corruption of a file. If you're just pulling the plug then yes this probably will happen. The box should be fine being shut down everyday although for an email server that seems kind of odd.
Typically the manufacturer provides hardware diagnostics tools.
Thanks,
Brian Desmond
Active Directory MVP
Typically the manufacturer provides hardware diagnostics tools.
Thanks,
Brian Desmond
Active Directory MVP
ASKER
Brian, the server is always shut down gracefully.
That installation of Exchange is not my main email server - I use it only as a test machine and also as a local store for a couple of email accounts that get downloaded from POP3 mail boxes on the Internet. It was useful to store the downloaded mails on Exchange because then they were accessible from any PC on my LAN (via Outlook). The more usual POP3 download - direct to the workstation - means you can only look at old emails if you are sat in front of the same workstation that downloaded them.
That installation of Exchange is not my main email server - I use it only as a test machine and also as a local store for a couple of email accounts that get downloaded from POP3 mail boxes on the Internet. It was useful to store the downloaded mails on Exchange because then they were accessible from any PC on my LAN (via Outlook). The more usual POP3 download - direct to the workstation - means you can only look at old emails if you are sat in front of the same workstation that downloaded them.