Solved

How to rebuild corrupted Domain Controller

Posted on 2011-03-18
7
432 Views
Last Modified: 2012-08-13
Here is the situation.

We have a DC that was never backed up. The company data on the server was but not the system state, AD, etc.  There are 5 DC's throughout the domain.

The DC got corrupted and now it won't boot.  I am getting the error below after attempting to "repair" the Windows installation (see attached image).

Can I simply cleanup the metadata, reinstall Windows 2003 R2, give the server the same name / IP address and then promote it?

What else am I missing here?

This is a disaster situation for us here and the IT department definitely failed.  Now I'm just trying to minimize the downtime.

Any help would be appreciated.
2.jpg
0
Comment
Question by:homerslmpson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 96

Accepted Solution

by:
Lee W, MVP earned 250 total points
ID: 35167587
I would kill it - reload and reinstall.  Clean up the metadata and if you verify DNS and AD have no traces of the DC, you can reuse the same name/IP
0
 
LVL 27

Assisted Solution

by:KenMcF
KenMcF earned 125 total points
ID: 35167599
Fornmat and rebuild that failed DC. The run a metadatacleanup, see link below, and delete object from sites and serives. You can re-add the computer with the same and IP but some people prefer to give it a  new name. If you keep the same name make sure your other DCs are replicating properly, run repadmin and dcdiag to verify there are no errors after you do the metadatacleanup




http://support.microsoft.com/kb/216498
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 125 total points
ID: 35167708
Metadata cleanup.
http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Sieze any FSMO roles listed to another DC.

Delete all DNS records for this failed DC.

You can then proceed with rebuild
0
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

 
LVL 1

Author Comment

by:homerslmpson
ID: 35167772
I got this from another website.  Does this seem like the right steps?

1. Type ntdsutil at the command prompt.
2. At the ntdsutil: prompt, type metadata cleanup and press [Enter].
3. If SP1 is installed, type remove selected server ServerName. (See Figure B.) If SP1 is not installed and you're using the version of Ntdsutil.exe that's included with Windows Server 2003with no service pack, connect to the existing domain controller (in ourcase, the one in the same site as the failed DC) on which you want to remove the failed DC's ntdsDSA object. To do this, type connections at the metadata cleanup prompt and press [Enter].
4. Type connect to server <servername>, where <servername>is the DC that will be used to clean the metadata, and press [Enter]. It can be any working DC in the same domain, but we'll use one in the same site. Figure C shows this step on a DC that does not have SP1 installed.
5. Type quit and press [Enter].
6. Type select operation target and press [Enter].
7. Type list domains and press [Enter]. All domains in the forest will be listed.
8. Type select domain <number> and press [Enter].
9. Type list sites and press [Enter].
10. Type select site <number> (the number of the site in which the DC was a member) and press [Enter].
11. Type list servers in site and press [Enter].
12. Type select server <number>, where <number>is that of the DC to be removed, and press [Enter].
13. Type quit and press [Enter].
14. Type remove selected server and press [Enter].
15. Type quit and press [Enter] until you're back at the command prompt.
0
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 250 total points
ID: 35167789
what other web site?

I'd use (often use so I don't have to memorize)Petri's version - google Petri metadata cleanup
0
 
LVL 1

Author Comment

by:homerslmpson
ID: 35167804
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 35167860
Go with Petri
0

Featured Post

Is Your DevOps Pipeline Leaking?

Is your CI/CD pipeline a hodge-podge of randomly connected tools? You’ve likely got a tool to fix one problem & then a different tool to fix another, resulting in a cluster of tools with overlapping functionality. Learn how to optimize your pipeline with Gartner's recommendations

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question