Solved

Cannot login to 2008 Server after restore

Posted on 2013-12-19
10
624 Views
Last Modified: 2013-12-20
I'm trying to do a test restoration of our single domain controller using Symantec Backup Exec System Recovery into VMWare.  I can get the server to boot, but when I try to login I receive the error "The security database on the server does not have a computer account for this workstation trust relationship".  I've seen other fixes for this out there, but they all refer to logging into one of the other domain controllers.
0
Comment
Question by:gk906
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +2
10 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39729590
Does this machine that you recovered hold the FSMO roles? What you might need to do is log on to the machine "locally" and then remove then re-add to the domain (without rebooting). Once you have added the machine back into the domain you can reboot and then try and logging back into the domain.

Once you have got back into the domain controller you will need to seize the FSMO roles to the domain controller you are currently logged into.

Seizing/Transfering FSMO Roles - http://support.microsoft.com/kb/255504

Will.
0
 
LVL 23

Expert Comment

by:Thomas Grassi
ID: 39729598
you "I'm trying to do a test restoration of our single domain controller "
Is this the only domain controller on the network?

When doing a domain controller restore you perform a nonauthoritative restore of Active Directory Domain Services (AD DS)

Did you do that?

Here are the procedures

http://technet.microsoft.com/en-us/library/cc772519(v=WS.10).aspx

Best to have two domain controllers having just one makes it harder to recover.
0
 
LVL 4

Expert Comment

by:amclaughlin01
ID: 39729601
Are you trying to log into the server itself or are you trying to login on a workstation to the server?

If it's a workstation, log in locally as an administrator, then run the network ID wizard under the properties of MyComputer > Change Settings.  This will reset the computer account password in AD, which will then allow you to login to the network.

AD will periodically change an AD computer account password.  When you restored the server, it is most likely that the password had been changed and now they are not in sync causing the error you are seeing.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Expert Comment

by:mebaby333
ID: 39729617
Have you tried disconnecting it from the network and logging on? Or logging in locally so you can repair the issue?

Ha ha guess I was late... :)
0
 

Author Comment

by:gk906
ID: 39729741
To answer your questions:

This is a single DC environment, so it has all of the FSMO roles on it.  Since it's a DC there's no way for me to log on locally

The link provided regarding non-authoritative DS restore refers to Windows Backup, which is not in play here.

This test server is not currently connected to any network.  It's just a test-restore in VMWare.
0
 
LVL 23

Expert Comment

by:Thomas Grassi
ID: 39729792
•The link provided regarding non-authoritative DS restore refers to Windows Backup, which is not in play here.

I would then contact Symantec here is a link to what I found

http://www.symantec.com/business/support/index?page=content&id=TECH87405&actp=search&viewlocale=en_US&searchid=1387474293479
0
 
LVL 5

Accepted Solution

by:
mebaby333 earned 500 total points
ID: 39729902
Here is a symantec convo that may benefit you....

http://www.symantec.com/connect/forums/security-database-server-does-not-have-computer

Another user with same issue... keep reading :)

There is a hidden switch in the recovery program...
0
 
LVL 5

Expert Comment

by:mebaby333
ID: 39730440
Have you tried to restore again and change the switch within the restore program yet? I am interested to see if this repairs your issue
0
 

Author Comment

by:gk906
ID: 39731687
I haven't dug back into this yet, but hope to do so today.  I'll post back the results.
0
 

Author Comment

by:gk906
ID: 39732040
I'm just doing the test-restore again right now, but it makes sense that the Windows mini-setup generated a new SID and that's why I can't login.  I have used the hidden settings before but it's been a LONG time.  Thanks for the refresher!
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question