Solved

Restore Active Directory

Posted on 2011-03-24
5
359 Views
Last Modified: 2012-05-11
Points of My Scenario
1. I am admin of a Windows Server 2003 domain
2. The domain has 4 domain controllers: all different server models
3. One server has failed, and I need to restore Active Directory to it from system state backup
4. I need system state restore to restore ONLY Active Directory data & NOT drivers, which cause system boot failure.
QUESTION: How do I restore system state data that is related ONLY to Active Directory?
0
Comment
Question by:waforbes100
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35210471
So you can use the procedures for a non-authoritative restore  http://technet.microsoft.com/en-us/library/cc784922(WS.10).aspx

When you say "it failed" what does that mean?  If it is a catastrophic hardware failure for example you can just cleanup that dead DC using metadata cleanup procedures (can provide more info on that)

Thanks

Mike
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 35210516
You have to restore the entire System State. You can't pick that apart.

Is it an option to reinstall the DC (including Metadata Cleanup) and promote it back as a DC?
0
 

Author Comment

by:waforbes100
ID: 35210925
To Mkline71: the error I get just before logon is the following - "Security Accounts Manager initialization failed because of the followng error: Directory Service cannot start. Error Status: 0xc00002e1. Please click OK to shutdown this system and reboot into Directory Services Restore Mode, check the event log for more detailed information."

To Snusgubben: after I click OK on the above error, the system reboots. I can get into Directory Services Restore Mode, but I am not able to find a 'smoking gun' (i.e. critical clue).
0
 
LVL 21

Accepted Solution

by:
snusgubben earned 500 total points
ID: 35211043
Have you looked at the KB regarding 0xc00002e1?

http://support.microsoft.com/kb/258062

If the database has become corrupt, it is not sure you can save it with.

The semantic checker will only fix minor errors. Leaving you to either restore the entire System State or rebuild the DC. Rebuilding is maybe the easiest option if this is a dedicated DC.
0
 

Author Closing Comment

by:waforbes100
ID: 35215047
I will have to rebuild the DC.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question