?
Solved

Windows Server 2008–Domain Controller Failed to start

Posted on 2013-06-21
5
Medium Priority
?
3,748 Views
Last Modified: 2013-07-31
Server 2008 R2.  Second of two Domain Controllers
Problems with RAID array led to possible drive errors
BSOD during boot

“STOP: c00002e2 Directory Services could not start because of the following error: A device attached to the system is not functioning.

Error Status: 0xc0000001. Please shutdown this system and reboot into Directory Services Restore Mode, check the event log for more detailed information.”


I am able to boot the Directory Services Restore Mode.

I've tried to correct using. these steps.


=================================================

    Restart the server and press F8 key, select Directory Services restore mode.
    Log in with the local administrator username and password
    Type: cd \windows\system32
    Type: NTDSUTIL
    Type: activate instance NTDS
    Type: files
    If you encounter an error stating that the Jet engine could not be initialized exit out of ntdsutil.
    Type: cd\
    Type: md backupad
    Type: cd \windows\ntds
    Type: copy ntds.dit c:\backupad
    Type: cd \windows\system32
    Type: esentutl /g c:\windows\ntds\ntds.dit
    This will perform an integrity check, (the results indicate that the jet database is corrupt)
    Type: esentutl /p   c:\windows\ntds\ntds.dit
    Agree with the prompt
    Type: cd \windows\ntds
    Type: move *.log c:\backupad   (or just delete the log files)

This should complete the repair.  To verify that the repair has worked successfully:

    Type: cd \windows\system32
    Type: ntdsutil
    Type: activate instance ntds
    Type: files        (you should no longer get an error when you do this)
    Type: info       (file info should now appear correctly)

One final step, now sure if it’s required:

From the NTDSUTIL command prompt:

    Type: Semantic Database Analysis
    Type: Go
===============================

Errors during item 15 defragmentation stage Hits about 10% and terminates with -1526 JET_errLVCorrupted in long-value


Ran  Esentutl /k c:\windows\ntds\ntds.dit

1 bad checksums



Status: I am unable to repair the NTDS.DIT.  What are my options please?

The other domain controller is running fine





Thanks,

  Troy Taylor
0
Comment
Question by:tset63
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 35

Accepted Solution

by:
Seth Simmons earned 1000 total points
ID: 39267591
you've already done quite a bit
since it's failing with that error, might as well demote and promote
if the corruption is that bad and directory services won't start, may have to wipe the server, clean up AD and start over then promote again (make sure to seize any fsmo roles on the first server if the second server had any)

http://support.microsoft.com/kb/2645996
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39267752
You can try hard repair of AD database and check.
C:\windows\system32>esentutl /P "database path"
Delete the *.log file
Restart the DC. Check the integrity of AD database.

If the database is not recoverable you can forcefully demote DC by running dcpromo/forceremoval followed by metadata cleanup and promote the server back as DC..If faulty DC is fsmo role holder server the you need to seize the FSMO role on other DC.

Forcing the Removal of a Domain Controller in DSRM mode.
http://technet.microsoft.com/en-us/library/cc731871(v=ws.10).aspx

Metadata cleanup: http://www.petri.co.il/delete_failed_dcs_from_ad.htm
Seize FSMO role: http://www.petri.co.il/seizing_fsmo_roles.htm

Dont forget to configure authorative time server role on PDC role holder server.
Authorative time server: http://support.microsoft.com/kb/816042

Complete Step by Step Guideline to Remove an Orphaned Domain controller (including seizing FSMOs, running a metadata cleanup, and more)
http://msmvps.com/blogs/acefekay/archive/2010/10/05/complete-step-by-step-to-remove-an-orphaned-domain-controller.aspx

Hope this helps
0
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 39270400
I would have deleted all files from C:\Windows\ntds folder EXCEPT ntds.dit and restarted domain controller ...Dont worry about remaining files as those will be re-created after reboot
0
 
LVL 13

Assisted Solution

by:Jaihunt
Jaihunt earned 1000 total points
ID: 39270540
Best way is demote and promote. Since you had hardware issues Just rebuild the server by installing OS also check all Hardware status before promoting the server as DC. Also if you have any DNS or any other dependency move it to other server before proceeding further.
0
 

Author Closing Comment

by:tset63
ID: 39371440
Thanks for the feedback.  I solved using DSRM boot, force DCPROMO out the faulty server.  I forget exaclty what else I had to do on AD clean-up but I was able to rejoin and re-promote the server.

Troy
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question