I recently had a problem which you all helped me through. I now have an additional problem that hopefully you can help me with. We have an old 2003 domain that will be upgraded in a project this spring, but I have to make it last until then.
Some background - our network was setup with one 2003 dc which was the dns server, fsmo roles, and the gc. There was one additional dc which wasn't a gc.
The main dc failed, and we had to seize the roles with the remaining dc, and make it a gc and a dns server. It is performing properly as far as I can tell.
However, I want to add another domain controller so that if the current one crashes, it's not catastrophic. However, whenever I add the domain controller role to another server, and do the mandatory reboot, I get this message:
Security account manager initialization failed because of the following error: Directory Service cannot start. Error status: 0xc00002e1
I have tried making an existing server a dc, and after I got the above error, I built a new 2003 server from scratch, and I get the same message. Does this mean my AD is corrupt, and I can't add a dc? Or is there a step I'm missing? Do I need to do something before adding the role?