Domain controller / Domain admin account login issues

Posted on 2013-06-20
Medium Priority
Last Modified: 2013-06-25
Last night, the client's IT Manager rebooted the SBS2003 Domain controller that we are migrating away from. Further, he made the decision to Force the power-down by holding the power button as he thought it was hung in the reboot process (something that was a "common thing" prior to me coming on board for the project.   It was their only domain controller, until we installed two new DC's and got replication going, sperated the FSMO rolls, installed Exchange etc.  

Since the event, I am unable to login to the SBS2003 DC with the domain admin account, BUT i can login to the machine with another admin account, the IT Manager's account.  there are several errors that did not exist, it appears DNS has crashed and more.

this is the result of running repadmin /syncall from a healthy source DC in the domain:

I am lost guys, please advise....

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.VANAIR>repadmin /syncall
CALLBACK MESSAGE: Error contacting server 24309a7c-3f75-4744-bdbe-fee70f801099._
msdcs.Vanair.local (network error): 1723 (0x6bb):
    The RPC server is too busy to complete this operation.
CALLBACK MESSAGE: The following replication is in progress:
    From: 2b995051-4885-49b2-af59-acdd52f29ac2._msdcs.Vanair.local
    To  : 837dc78c-02c3-49f3-b647-be2252a9a716._msdcs.Vanair.local
CALLBACK MESSAGE: The following replication completed successfully:
    From: 2b995051-4885-49b2-af59-acdd52f29ac2._msdcs.Vanair.local
    To  : 837dc78c-02c3-49f3-b647-be2252a9a716._msdcs.Vanair.local

SyncAll reported the following errors:
Error contacting server 24309a7c-3f75-4744-bdbe-fee70f801099._msdcs.Vanair.local
 (network error): 1723 (0x6bb):
    The RPC server is too busy to complete this operation.


when logged into other member servers, alerts pop up noting that the \\Servername\users\my docs folder is not available.  i have never seen anything like this, and the REAL KICKER is i have also found that the it manager has not been running backups since we started the project.  I have nothing to restore, to get us back on track quickly.  I need a miracle?  

Even more troubling, from the Server 2008R2 DC, where exchange is installed, i cannot get EMC to initialize after the events from last night.  I cannot work within EMC to finish the migration of the public folders, and a few troubled user accounts that were noted to be last in the migration process by the client.  It is the 500 error, and i have been through many articles to resolve that issue with no luck???  scary!

Thanks, to any and all in advance.  This one is troubling and very worrisome to me.  I need to wrap this project, and finalize the exchange migration from SBS2003 to SVR 2008R2 and decommission the failing SBS2003 server.  We intend to format and repurpose the machine.

Thanks again for any help guys!
Question by:KMLTECH
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 63

Accepted Solution

Simon Butler (Sembee) earned 2000 total points
ID: 39264137
When Exchange is installed on a domain controller, Exchange will only use that domain controller. That means Exchange wants to use the SBS Server.

Did you clean reboot the machine once it was back up again?
Run the SBS BPA against the machine and see what it flags. If DNS is knackered and you have it on other machines then just change the DNS settings in the server to point it elsewhere.

LVL 44

Expert Comment

ID: 39264166
Below are the DC related troubleshooting Steps i wrote long back. You can check for the errors in logs and take corrective action as described below. Without backup it is difficult to fix issues as you know. If nothing works, better open case with MS.

Critical Errors

Event ID: -- 467 – Directory Service Event
Indication – AD Database table has been corrupt.
Resolution – Perform a offline defragmentation of AD Database or Remove the AD database from the server and reinstall AD.

Warning Errors

File Replication Events

Event ID: 13508 – Unable to create RPC connection to replication partner
A single FRS event ID 13508 does not mean anything is broken or not working, as long as it is followed by FRS event ID 13509, which indicates that the problem was resolved.
Check for Event ID 13509 after 13508 if not troubleshoot the event 13508
Resolution – Stop and start the File Replication service.
1. Run --> cmd --> net stop ntfrs (stopping the service)
2. Net start ntfrs (starting the service)
Note: Stopping and starting the service should be done strictly after business hours.

Event ID: 13568 – Indicates FRS is in Journal Wrap state
How to perform nonauthoritative restore.

1) Open command prompt on DC, type net stop ntfrs
2) Goto Run> Type Regedit
3) Browse to below path
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
4) In the right side window, select BurFlags and double click to open it
5) Type D2 in the Edit DWORD Value. Click ok and exit from Regedit snap-in
6) Open command Prompt again on DC and type net start ntfrs
7) Open Event Viewer and in FRS logs you will find 13565. This indicate restore process is started
8) Event ID 13516 will indicate restore is completed.

For more details: http://support.microsoft.com/kb/290762

Directory Service Events:
Event ID: 1925, 1311, 1865, and 1566 --- These Events indicate KCC (Knowledge Consistency Checker) Errors
1) Check there is no network issues in the site.
2) Check the DC by running a Basic DNS test. (Run --> cmd --> dcdiag /test:dns /s:sourcedomaincontrollername /Dnsbasic).
For EX:- dcdiag /test:dns /s:YOURDCNAME /Dnsbasic
3) Check DNS Registration by running the following command.
Dcdiag /test:dns /DnsRecordRegistration.
Event ID: 1079, 1169 --- This Event is trigerred if Active Directory is unable to perform replication if there is a low memory to perform the operation.

Author Closing Comment

ID: 39276104
Thank you guys!  Simon, you were on point with DNS being Knackered.  ended up removing DNS and DHCP, fixing both and things are good.  the only problem i have now is that i cannot get EMC on Server 2008R2/Exchange 2010 to open...  keep getting this 500 error code, which is playing out to be the most generic error i have came across in quite some time...  I will be removing exchange 2003/SBS server from the domain int he coming days, and will re-purpose the machine.

Thanks again!

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Here's a look at newsworthy articles and community happenings during the last month.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses
Course of the Month9 days, 21 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question