Unable to start Directory Service / Restore System State / AD Restore jet-error -501

Good day everyone,

This morning my customer called me that he was not able to logon to his server and 28 employees could not look into their calendar to see what patience's were coming today.

The server boots with a SAM error. Till now I've checked a lot of solution provided at EE. Even a system restore with ARCserve 12 failes.

I followed the instructions in this kb file: http://support.microsoft.com/kb/258062

If I check the files in the NTDS folder the only one I'm missing is: temp.edb.

At checkpoint 9, The ntdsutil files info command does in integrity check and tells me the Database is CORRUPTED!
Checkpoint 10, ntdsutil "sem d a" go failes with the error: Opening database [Current}. *** error: DBInitializeJetDatabase failes with [ Jet-error -501].
At Checkpoint 11, the same error occurs.

LSASS.EXE – Systeemfout - Het initialiseren van de SAM (Security Accounts Manager) is mislukt vanwege de volgende fout: Kan de directoryservice niet starten. Foutstatus 0xc00002e1.

Any options about this Jet-error -501?


Unable to restore System State, Unable to login SAM initialization failed, Unable to start Directory Service
Who is Participating?
ChrisConnect With a Mentor Commented:
You can try using esentutl to repair the database. Before doing this make a copy of ntds.dit in case the repair makes things worse.


You will need to be in directory services restore mode.
BGMServicesAuthor Commented:
By performing the ARCserve Backup 12 for System State restore, I also checked the option "Make the Restored Copy of the Active Directory Authoritative".

A command prompt pops up to use Ntdsutil.
This is an automated script from ARCserve I suppose.
It says:

Ntdsutil: authoritative restore
authoritative restore: restore database

Opening DIT-database...
Unable to initialize Jet-engine: Jet-error -501.

The same kind of error.
BGMServicesAuthor Commented:
Thank you for your input.

esentutl /g "c:\windows\ntds\ntds.dit"/!10240 /8 /v /x /o does not work on this 2003r2 server.
I could proceed by using esentutl /g "c:\windows\ntds\ntds.dit /8 /v
The /!10240 option is not valid.

But, it did the trick. I don't get a SAM error anymore and are able to login. Now I have to find out if anything is up and running again.

Thank you so far.

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

SandeshdubeySenior Server EngineerCommented:
ESENTUTL /g option will only check the integrity of AD database.Have you performed the repiar of AD database by /p switch.The above indicates that AD database is corrupt.

How many Dcs you have in the env?

I will recommend to run chkdsk in read only mode to check for any errors and run chkdsk/f to fix the drive if reported,

Exclude the ntds/ntfrs/sysvol from AV scan,update the bios and other system drivers.You can try running semantic db analysis and run go fixup and do offline defragmentation of the Active Directory database:http://support.microsoft.com/kb/232122

Most of the time above error is fix by defraging the AD database.
BGMServicesAuthor Commented:
The customer has only one DC in his company.
Checkdisk was allready performed. No errors.
It's a good idea to exclude this folder from AV.

I'm glad the server is up and running again and so is my customer.

Thank you guys.
SandeshdubeySenior Server EngineerCommented:
I will also recommend to have one more DC in the network for redundancy.Also verify the health of DC by dcdiag /q.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.