Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Domain controller / Domain admin account login issues

Posted on 2013-06-20
Medium Priority
Last Modified: 2013-06-25
Last night, the client's IT Manager rebooted the SBS2003 Domain controller that we are migrating away from. Further, he made the decision to Force the power-down by holding the power button as he thought it was hung in the reboot process (something that was a "common thing" prior to me coming on board for the project.   It was their only domain controller, until we installed two new DC's and got replication going, sperated the FSMO rolls, installed Exchange etc.  

Since the event, I am unable to login to the SBS2003 DC with the domain admin account, BUT i can login to the machine with another admin account, the IT Manager's account.  there are several errors that did not exist, it appears DNS has crashed and more.

this is the result of running repadmin /syncall from a healthy source DC in the domain:

I am lost guys, please advise....

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.VANAIR>repadmin /syncall
CALLBACK MESSAGE: Error contacting server 24309a7c-3f75-4744-bdbe-fee70f801099._
msdcs.Vanair.local (network error): 1723 (0x6bb):
    The RPC server is too busy to complete this operation.
CALLBACK MESSAGE: The following replication is in progress:
    From: 2b995051-4885-49b2-af59-acdd52f29ac2._msdcs.Vanair.local
    To  : 837dc78c-02c3-49f3-b647-be2252a9a716._msdcs.Vanair.local
CALLBACK MESSAGE: The following replication completed successfully:
    From: 2b995051-4885-49b2-af59-acdd52f29ac2._msdcs.Vanair.local
    To  : 837dc78c-02c3-49f3-b647-be2252a9a716._msdcs.Vanair.local

SyncAll reported the following errors:
Error contacting server 24309a7c-3f75-4744-bdbe-fee70f801099._msdcs.Vanair.local
 (network error): 1723 (0x6bb):
    The RPC server is too busy to complete this operation.


when logged into other member servers, alerts pop up noting that the \\Servername\users\my docs folder is not available.  i have never seen anything like this, and the REAL KICKER is i have also found that the it manager has not been running backups since we started the project.  I have nothing to restore, to get us back on track quickly.  I need a miracle?  

Even more troubling, from the Server 2008R2 DC, where exchange is installed, i cannot get EMC to initialize after the events from last night.  I cannot work within EMC to finish the migration of the public folders, and a few troubled user accounts that were noted to be last in the migration process by the client.  It is the 500 error, and i have been through many articles to resolve that issue with no luck???  scary!

Thanks, to any and all in advance.  This one is troubling and very worrisome to me.  I need to wrap this project, and finalize the exchange migration from SBS2003 to SVR 2008R2 and decommission the failing SBS2003 server.  We intend to format and repurpose the machine.

Thanks again for any help guys!
Question by:KMLTECH
LVL 63

Accepted Solution

Simon Butler (Sembee) earned 2000 total points
ID: 39264137
When Exchange is installed on a domain controller, Exchange will only use that domain controller. That means Exchange wants to use the SBS Server.

Did you clean reboot the machine once it was back up again?
Run the SBS BPA against the machine and see what it flags. If DNS is knackered and you have it on other machines then just change the DNS settings in the server to point it elsewhere.

LVL 45

Expert Comment

ID: 39264166
Below are the DC related troubleshooting Steps i wrote long back. You can check for the errors in logs and take corrective action as described below. Without backup it is difficult to fix issues as you know. If nothing works, better open case with MS.

Critical Errors

Event ID: -- 467 – Directory Service Event
Indication – AD Database table has been corrupt.
Resolution – Perform a offline defragmentation of AD Database or Remove the AD database from the server and reinstall AD.

Warning Errors

File Replication Events

Event ID: 13508 – Unable to create RPC connection to replication partner
A single FRS event ID 13508 does not mean anything is broken or not working, as long as it is followed by FRS event ID 13509, which indicates that the problem was resolved.
Check for Event ID 13509 after 13508 if not troubleshoot the event 13508
Resolution – Stop and start the File Replication service.
1. Run --> cmd --> net stop ntfrs (stopping the service)
2. Net start ntfrs (starting the service)
Note: Stopping and starting the service should be done strictly after business hours.

Event ID: 13568 – Indicates FRS is in Journal Wrap state
How to perform nonauthoritative restore.

1) Open command prompt on DC, type net stop ntfrs
2) Goto Run> Type Regedit
3) Browse to below path
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
4) In the right side window, select BurFlags and double click to open it
5) Type D2 in the Edit DWORD Value. Click ok and exit from Regedit snap-in
6) Open command Prompt again on DC and type net start ntfrs
7) Open Event Viewer and in FRS logs you will find 13565. This indicate restore process is started
8) Event ID 13516 will indicate restore is completed.

For more details: http://support.microsoft.com/kb/290762

Directory Service Events:
Event ID: 1925, 1311, 1865, and 1566 --- These Events indicate KCC (Knowledge Consistency Checker) Errors
1) Check there is no network issues in the site.
2) Check the DC by running a Basic DNS test. (Run --> cmd --> dcdiag /test:dns /s:sourcedomaincontrollername /Dnsbasic).
For EX:- dcdiag /test:dns /s:YOURDCNAME /Dnsbasic
3) Check DNS Registration by running the following command.
Dcdiag /test:dns /DnsRecordRegistration.
Event ID: 1079, 1169 --- This Event is trigerred if Active Directory is unable to perform replication if there is a low memory to perform the operation.

Author Closing Comment

ID: 39276104
Thank you guys!  Simon, you were on point with DNS being Knackered.  ended up removing DNS and DHCP, fixing both and things are good.  the only problem i have now is that i cannot get EMC on Server 2008R2/Exchange 2010 to open...  keep getting this 500 error code, which is playing out to be the most generic error i have came across in quite some time...  I will be removing exchange 2003/SBS server from the domain int he coming days, and will re-purpose the machine.

Thanks again!

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There can be many situations demanding the conversion of Outlook OST files to PST format and as such, there is no shortage of automated tools to perform this conversion. However, what makes Stellar OST to PST converter stand above the rest? Let us e…
I’m willing to make a bet that your organization stores sensitive data in your Windows File Servers; files and folders that you really don’t want making it into the wrong hands.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question