Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Help Restoring AD on a W2k8 PDC

Posted on 2010-11-09
12
Medium Priority
?
836 Views
Last Modified: 2012-05-10
Hello,

Please help me get back a primary domain conrtoller up.

We have a Dell T110 server running Windows 2008 with Raid 1, one of the hard disks seems to have failed on the weekend and we found the system crashed on Monday. Due to some reason, the system was asking for System Restore and for the Local Administrator account password, which, much to our shock, was not written down, not what we can remember. So we had to restore from the previous day's backup done by Windows Server's built-in Backup.

The restore went fine and the system booted back in a Jiffy. But the clients were unable to access their shares and we found that the SYSVOL and NETLOGON share are not showing. dcdiag said errors about the kds not available etc. I set burflags to d4 and restarted the server. Now sysvol share comes up and netlogon still does not come.

Before all this event, there was another 2003 server set at PDC. this new server was gradually promoted but somehow, we were testing by powering down the old dc but we forgot to depromote the old dc. the new dc did report some journal wrap condition which was resolved by setting the same burflag to d4.

Now, after the restore today, we removed the oldserver from ad using metadata cleanup and removing the old server's records from the dns zones.

So now, Netlogon is not yet showing up, sysvol folder seemes pretty much empty except for some DO_NOT_REMOVE folder. I can still see old group policies defined in gp editor.

What can I do to bring back the server fully?
0
Comment
Question by:smtwkla
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 2
  • +1
12 Comments
 
LVL 21

Assisted Solution

by:snusgubben
snusgubben earned 500 total points
ID: 34094964
0
 
LVL 4

Accepted Solution

by:
zgiuffria earned 500 total points
ID: 34095004
0
 
LVL 1

Author Comment

by:smtwkla
ID: 34095005
yes I tried it but how long should i wait between setting SysvolReady flag to 0 and 1? Is there something I should restart?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34095016
Restart the server after making the change.

Here is the issue though currently you have no data within the SYSVOl with no other system to copy the data from this might be a tuff road if the above fix doesn't work
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 34095019
I guess the SysvolReady key is 0?

If SYSVOL is already shared, set the flag to 1 and restart the Netlogon service.
0
 
LVL 1

Author Comment

by:smtwkla
ID: 34095130
the SysvolReady flag is 1, making it 0 and restarting netlogon and then to 1.
I now get this:
The Netlogon service could not create server share C:\Windows\SYSVOL\sysvol\polyoffice.local\SCRIPTS.  The following error occurred:
The system cannot find the file specified.

I guess it is due to the sysvol folder being empty. Can I rebuild it by restoring c:\windows\sysvol folder from the backup again?
0
 
LVL 1

Author Comment

by:smtwkla
ID: 34095153
zgiuffria, thanks, I have reset the password using ntdsutil
0
 
LVL 1

Author Comment

by:smtwkla
ID: 34095174
am also getting:
The processing of Group Policy failed. Windows attempted to read the file \\polyoffice.local\sysvol\polyoffice.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 1000 total points
ID: 34095203
Restore the SYSVOl folder
0
 
LVL 1

Author Comment

by:smtwkla
ID: 34095360
Ok, I will restore the c:\windows\SYSVOL folder from the latest backup.
is there any right way to do it?
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 1000 total points
ID: 34095543
0
 
LVL 1

Author Comment

by:smtwkla
ID: 34101229
We have restored the SYSVOL folder entering ds rm and rebuilt it by setting burflags d4. now after reboot, everything is fine. Thanks guys for the support.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question