Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Can I demote a Server 2003 in DSRM, retart the server as a stand alone, then promote it back to a DC and use System State Restore to recover original domain

Posted on 2011-03-25
6
Medium Priority
?
1,036 Views
Last Modified: 2012-05-11
We are running a Server 2003 Domain and a power outage today tested the UPS and it failed. Hence the AD was corrupted. The AD does not want to be repaired with esentutil or ntdsutil. I have tried to repair it to a state where I can get the Server to boot again, then I could run the Backup Exec and so a system state restore to repair it.  The MS KB258062 describes the problem, although I dont have the Event Messages that are suggsted there.

My question is, can I demote the Server in DSRM, retart the server as a stand alone server, then promote it back to a DC, then perform a system state restore to bring the original domain back again.? It is the only DC on the Domain.
0
Comment
Question by:kevinjeremy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 35214683
First thing this is why it is so important to have more the one DC even if the other DC is a virtual machine or a PC you would have at least been saved.

Here are the instructions on restoring.

http://www.petri.co.il/restore-windows-server-2003-active-directory.htm

http://technet.microsoft.com/en-us/library/cc782127(WS.10).aspx

If the DC is dead then you should run dcpromo /forceremoval to remove AD from the failed server
0
 
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 35214712
I suppose that is few users. Maybe better is erase all and recreate domain.
0
 
LVL 11

Accepted Solution

by:
Sigurdur Haraldsson earned 2000 total points
ID: 35221066
@dariusg, the DC has to be live  but offline to run dcpromo /forceremoval on it.

@kevinjeremy. you're correct in all but one. You don't need to restart the DC in DSRM, just plug it offline and run dcpromo /forceremoval, THEN start it in DSRM and restore the AD back. Since it is the only DC you don't have to restore authoritatively (spelling?) but it really depends on how new your AD backup is.

And I agree with dariusg, it's very important to have two DCs for fault tolerance.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:kevinjeremy
ID: 35224470
I might add that this server was setup by a previous consultant, who is no longer in the business ???and no disc's etc were left on site and no one else .. you probably know the story.

My issue now is that the backup was done with Symantec Backup Exec 11d and when in DSRM, I dont have any services running and Backup Exec wont run to recover files. I am looking for a way to recover the System State backup so that it can be restored in DSRM. Can you be of any help here?
0
 

Assisted Solution

by:kevinjeremy
kevinjeremy earned 0 total points
ID: 35224878
OK, I have the issue sorted.
The corruption of the AD would only let the server start in DSRM, but it would not recognise the AD, so there were no permisions etc to allow any of the necessary services to run ie Backup Exec.

After getting a backup Image of the System Drive, I found another article MS KB332199 that had a section that described  "If the domain controller cannot start in normal mode".
Following this section, I managed to remove the old broken domain, recreate another domain of the same name, and then login to DSRM and restore the system state from backup of two days ago.
The only other issue was with Backup Exec, the permissions from the newly created domain did not match the existing backup data. Using Bckup Exec Login Wizard, I created another user with the new domain admin credentials and set this as default, then the restore would work for me. After the system state restore, all permissions are set back to how they were when the backup was created..

Thanks to those who responded.
0
 

Author Closing Comment

by:kevinjeremy
ID: 35275428
The solution from sighar was a good start to where I needed to go.
The final solution being in my own comments, was that I performed further research myself to gain a resolution to the problem.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question