Solved

LSASS.exe error after windows repair

Posted on 2010-11-23
7
625 Views
Last Modified: 2012-06-21
One of our customer's servers crashed over the weekend and we reloaded windows onto it and did a system state restore from Symantec Backup Exec in order to retrieve active directory.  After the restore and a reboot the server looked like it was loading windows and then would reboot, and this would continue on and on.  I ran a windows repair from the windows 2003 server cd and it got to the point of installing windows and I receive an error message stating "Security Accounts Manager initialization failed because of the following error:  directory service cannot start.  Error status:  0xc00002e1" I've tried clicking ok, which restarts the server and booting into safe mode, but still receive the same error message.  Any ideas?
0
Comment
Question by:czaz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 34197712
I've never done a windows repair on a DC so not sure about that part.  Do you have other DCs and what other services does this DC provide (DNS, DHCP, etc) FSMO roles, GC etc

So right now you can't even boot into windows and access AD on that box?

Thanks

Mike
0
 

Author Comment

by:czaz
ID: 34197736
This is the only domain controller for this customer and has all the roles.  (DNS,DHCP,GC,etc)
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 34197965
Ouch,  ok try and go through this article   http://support.microsoft.com/kb/258062

...for anyone that comes to this question....this is why we always recommend at least two DCs.  If there is a second DC here then things would be much easier for the users and sys admins/engineers.

Thanks

Mike
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:czaz
ID: 34198000
I can't even boot into directory services restore mode as it comes up with the same error message, so don't think that article is going to help.

Yeah we have recommended in the past to have at least 2 DCs and they didn't want one.  We do very little work for this company, and I'm sure they'll want a second one after this.  :)
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 34198462
So basically you can't boot into any mode (regular or safe).  If that is the case then a rebuild/restore.  

I don't say this often on here but this may also be a case to call PSS seeing it is your only DC there.
0
 

Author Comment

by:czaz
ID: 34198521
Yeah I've basically come to the conclusion that I'll have to re-create all 60 of their accounts and re-create the security structure on their data.  I just wanted to see if anyone had any ideas before I went ahead and gave them the bad news.
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 34200281
You can also rebuild the box and try the restore again first.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question