Domain controller / Domain admin account login issues

Last night, the client's IT Manager rebooted the SBS2003 Domain controller that we are migrating away from. Further, he made the decision to Force the power-down by holding the power button as he thought it was hung in the reboot process (something that was a "common thing" prior to me coming on board for the project.   It was their only domain controller, until we installed two new DC's and got replication going, sperated the FSMO rolls, installed Exchange etc.  

Since the event, I am unable to login to the SBS2003 DC with the domain admin account, BUT i can login to the machine with another admin account, the IT Manager's account.  there are several errors that did not exist, it appears DNS has crashed and more.

this is the result of running repadmin /syncall from a healthy source DC in the domain:

I am lost guys, please advise....

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.VANAIR>repadmin /syncall
CALLBACK MESSAGE: Error contacting server 24309a7c-3f75-4744-bdbe-fee70f801099._
msdcs.Vanair.local (network error): 1723 (0x6bb):
    The RPC server is too busy to complete this operation.
CALLBACK MESSAGE: The following replication is in progress:
    From: 2b995051-4885-49b2-af59-acdd52f29ac2._msdcs.Vanair.local
    To  : 837dc78c-02c3-49f3-b647-be2252a9a716._msdcs.Vanair.local
CALLBACK MESSAGE: The following replication completed successfully:
    From: 2b995051-4885-49b2-af59-acdd52f29ac2._msdcs.Vanair.local
    To  : 837dc78c-02c3-49f3-b647-be2252a9a716._msdcs.Vanair.local

SyncAll reported the following errors:
Error contacting server 24309a7c-3f75-4744-bdbe-fee70f801099._msdcs.Vanair.local
 (network error): 1723 (0x6bb):
    The RPC server is too busy to complete this operation.


when logged into other member servers, alerts pop up noting that the \\Servername\users\my docs folder is not available.  i have never seen anything like this, and the REAL KICKER is i have also found that the it manager has not been running backups since we started the project.  I have nothing to restore, to get us back on track quickly.  I need a miracle?  

Even more troubling, from the Server 2008R2 DC, where exchange is installed, i cannot get EMC to initialize after the events from last night.  I cannot work within EMC to finish the migration of the public folders, and a few troubled user accounts that were noted to be last in the migration process by the client.  It is the 500 error, and i have been through many articles to resolve that issue with no luck???  scary!

Thanks, to any and all in advance.  This one is troubling and very worrisome to me.  I need to wrap this project, and finalize the exchange migration from SBS2003 to SVR 2008R2 and decommission the failing SBS2003 server.  We intend to format and repurpose the machine.

Thanks again for any help guys!
Who is Participating?
Simon Butler (Sembee)ConsultantCommented:
When Exchange is installed on a domain controller, Exchange will only use that domain controller. That means Exchange wants to use the SBS Server.

Did you clean reboot the machine once it was back up again?
Run the SBS BPA against the machine and see what it flags. If DNS is knackered and you have it on other machines then just change the DNS settings in the server to point it elsewhere.

AmitIT ArchitectCommented:
Below are the DC related troubleshooting Steps i wrote long back. You can check for the errors in logs and take corrective action as described below. Without backup it is difficult to fix issues as you know. If nothing works, better open case with MS.

Critical Errors

Event ID: -- 467 – Directory Service Event
Indication – AD Database table has been corrupt.
Resolution – Perform a offline defragmentation of AD Database or Remove the AD database from the server and reinstall AD.

Warning Errors

File Replication Events

Event ID: 13508 – Unable to create RPC connection to replication partner
A single FRS event ID 13508 does not mean anything is broken or not working, as long as it is followed by FRS event ID 13509, which indicates that the problem was resolved.
Check for Event ID 13509 after 13508 if not troubleshoot the event 13508
Resolution – Stop and start the File Replication service.
1. Run --> cmd --> net stop ntfrs (stopping the service)
2. Net start ntfrs (starting the service)
Note: Stopping and starting the service should be done strictly after business hours.

Event ID: 13568 – Indicates FRS is in Journal Wrap state
How to perform nonauthoritative restore.

1) Open command prompt on DC, type net stop ntfrs
2) Goto Run> Type Regedit
3) Browse to below path
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
4) In the right side window, select BurFlags and double click to open it
5) Type D2 in the Edit DWORD Value. Click ok and exit from Regedit snap-in
6) Open command Prompt again on DC and type net start ntfrs
7) Open Event Viewer and in FRS logs you will find 13565. This indicate restore process is started
8) Event ID 13516 will indicate restore is completed.

For more details:

Directory Service Events:
Event ID: 1925, 1311, 1865, and 1566 --- These Events indicate KCC (Knowledge Consistency Checker) Errors
1) Check there is no network issues in the site.
2) Check the DC by running a Basic DNS test. (Run --> cmd --> dcdiag /test:dns /s:sourcedomaincontrollername /Dnsbasic).
For EX:- dcdiag /test:dns /s:YOURDCNAME /Dnsbasic
3) Check DNS Registration by running the following command.
Dcdiag /test:dns /DnsRecordRegistration.
Event ID: 1079, 1169 --- This Event is trigerred if Active Directory is unable to perform replication if there is a low memory to perform the operation.
KMLTECHAuthor Commented:
Thank you guys!  Simon, you were on point with DNS being Knackered.  ended up removing DNS and DHCP, fixing both and things are good.  the only problem i have now is that i cannot get EMC on Server 2008R2/Exchange 2010 to open...  keep getting this 500 error code, which is playing out to be the most generic error i have came across in quite some time...  I will be removing exchange 2003/SBS server from the domain int he coming days, and will re-purpose the machine.

Thanks again!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.