grevels
asked on
SBS 2008 Local Admin Login
We have a client with an SBS 2008 server that is not allowing users to login. There are two domain admin accounts and neither one of those are working when booting into Normal Mode. Yet they both work when booting into Safe Mode with Networking. When trying to login to Normal Mode get an error about invalid username or password.
We have followed these directions http://social.technet.microsoft.com/Forums/sk-SK/winserverDS/thread/172eb4bb-a8df-42ce-a1c7-472d33dc210a and determined that the NTDS.dit file was corrupt. We have restored it from a backup and made it through these steps with no problems. On step 9 after going into NTDSUTIL we do have to enter ACTIVATE INSTANCE NTDS before FILES will work.
Any assistance would be greatly appreciated
Greg
We have followed these directions http://social.technet.microsoft.com/Forums/sk-SK/winserverDS/thread/172eb4bb-a8df-42ce-a1c7-472d33dc210a and determined that the NTDS.dit file was corrupt. We have restored it from a backup and made it through these steps with no problems. On step 9 after going into NTDSUTIL we do have to enter ACTIVATE INSTANCE NTDS before FILES will work.
Any assistance would be greatly appreciated
Greg
ASKER
Jeff,
The error is no one can logon to the server. Even the two domain admin accounts are not working when booting into Normal mode, but they work in Safe Mode.
Thanks,
Greg
The error is no one can logon to the server. Even the two domain admin accounts are not working when booting into Normal mode, but they work in Safe Mode.
Thanks,
Greg
There should still be an error message event logged in the Server's System Log file regarding these failed log in attempts.
Please log in via safe mode and take a look.
Jeff
TechSoEasy
Please log in via safe mode and take a look.
Jeff
TechSoEasy
ASKER
Jeff,
Here is the System log and the Directory Services log. I had to filter the System log If you need to see anything else just let me know.
Thanks,
Greg
Directory-Services.xml
System.xml
Here is the System log and the Directory Services log. I had to filter the System log If you need to see anything else just let me know.
Thanks,
Greg
Directory-Services.xml
System.xml
Okay, please review the suggestions in this thread:
http://social.technet.microsoft.com/Forums/en-US/smallbusinessserver/thread/8b11b132-a145-4f81-91b7-9cbb685a0370
These are more specific to SBS.
Jeff
TechSoEasy
http://social.technet.microsoft.com/Forums/en-US/smallbusinessserver/thread/8b11b132-a145-4f81-91b7-9cbb685a0370
These are more specific to SBS.
Jeff
TechSoEasy
ASKER
Thanks for the link. I will review my notes at the office, but it seems like I have done all of this. I know I found the error about deleting the registry key and I have done that. I will make sure that the key did not repopulate from trying another repair of the ntds.dit file though.
Greg
Greg
ASKER
Jeff,
When I got in this morning the server was in Safe Mode with Networking. I checked the registry and that entry was there so I deleted it. I restarted in Normal Mode and was unable to login still. The only procedure I had not tried was the ntds defrag. I rebooted into DSRM and followed the steps to defrag ntds.dit. I then checked the registry again and deleted that key again. I rebooted into Normal Mode and still cannot login. I am going to clear the event logs and start with some fresh ones to see if I can see why that key keeps getting added back to the registry.
Thanks,
Greg
When I got in this morning the server was in Safe Mode with Networking. I checked the registry and that entry was there so I deleted it. I restarted in Normal Mode and was unable to login still. The only procedure I had not tried was the ntds defrag. I rebooted into DSRM and followed the steps to defrag ntds.dit. I then checked the registry again and deleted that key again. I rebooted into Normal Mode and still cannot login. I am going to clear the event logs and start with some fresh ones to see if I can see why that key keeps getting added back to the registry.
Thanks,
Greg
The key will always be recreated -- the reason to delete it is to automatically repair the database.
Do you have a backup which may have a good copy of the NTDS file?
Jeff
TechSoEasy
Do you have a backup which may have a good copy of the NTDS file?
Jeff
TechSoEasy
ASKER
Jeff,
I do not have a backup. We have gotten the customer up on other hardware and just created a new domain since it was less than ten users. Without a backup of the NTDS folder do you think this is salvageable? This is just for my knowledge at this point.
Thanks,
Greg
I do not have a backup. We have gotten the customer up on other hardware and just created a new domain since it was less than ten users. Without a backup of the NTDS folder do you think this is salvageable? This is just for my knowledge at this point.
Thanks,
Greg
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Jeff
TechSoEasy