Solved

Restore Active Directory

Posted on 2011-03-24
5
357 Views
Last Modified: 2012-05-11
Points of My Scenario
1. I am admin of a Windows Server 2003 domain
2. The domain has 4 domain controllers: all different server models
3. One server has failed, and I need to restore Active Directory to it from system state backup
4. I need system state restore to restore ONLY Active Directory data & NOT drivers, which cause system boot failure.
QUESTION: How do I restore system state data that is related ONLY to Active Directory?
0
Comment
Question by:waforbes100
  • 2
  • 2
5 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35210471
So you can use the procedures for a non-authoritative restore  http://technet.microsoft.com/en-us/library/cc784922(WS.10).aspx

When you say "it failed" what does that mean?  If it is a catastrophic hardware failure for example you can just cleanup that dead DC using metadata cleanup procedures (can provide more info on that)

Thanks

Mike
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 35210516
You have to restore the entire System State. You can't pick that apart.

Is it an option to reinstall the DC (including Metadata Cleanup) and promote it back as a DC?
0
 

Author Comment

by:waforbes100
ID: 35210925
To Mkline71: the error I get just before logon is the following - "Security Accounts Manager initialization failed because of the followng error: Directory Service cannot start. Error Status: 0xc00002e1. Please click OK to shutdown this system and reboot into Directory Services Restore Mode, check the event log for more detailed information."

To Snusgubben: after I click OK on the above error, the system reboots. I can get into Directory Services Restore Mode, but I am not able to find a 'smoking gun' (i.e. critical clue).
0
 
LVL 21

Accepted Solution

by:
snusgubben earned 500 total points
ID: 35211043
Have you looked at the KB regarding 0xc00002e1?

http://support.microsoft.com/kb/258062

If the database has become corrupt, it is not sure you can save it with.

The semantic checker will only fix minor errors. Leaving you to either restore the entire System State or rebuild the DC. Rebuilding is maybe the easiest option if this is a dedicated DC.
0
 

Author Closing Comment

by:waforbes100
ID: 35215047
I will have to rebuild the DC.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Forest Functionality Level 3 23
Weird issue with VMWare ESXi 6 host 3 54
Installing Exchange 2016 2 24
reboot server with scheduled time and week base 4 32
Resolve DNS query failed errors for Exchange
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question