?
Solved

Server 2008 Active Directory Issues

Posted on 2014-03-28
12
Medium Priority
?
341 Views
Last Modified: 2014-03-29
Had two servers running one SBS 2003  one Server 2008.

SBS 2003 crashed and is beyond recovery - users started reporting problems logging into domain.

Attempted to seize all FSMO roles on Server 2008 (not sure if it worked) but still seeing significant AD issues.

When attempting to open AD Users and Computers from Admin Tools - receive the following error...

Naming information cannot be located because:-
The specified domain either does not exist or could not be contacted.

Contact your system administrator to to verify that your domain is properly configured and is currently online.


Is there any way I can (a) diagnose just what is wrong with AD and (b) fix it without wiping out the server  (we are also running Exchange on this server).
0
Comment
Question by:Lisaa_G
  • 8
  • 3
12 Comments
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 1500 total points
ID: 39962881
Hi,

If SBS is not recoverable then

1. run the metadata cleanup (http://support.microsoft.com/kb/216498)
2. make sure that in DNS, ADUC and "Site & services" donot has SBS server records.
3.run DCDIAG /V and see the error.
0
 

Author Comment

by:Lisaa_G
ID: 39962927
How do I run metadata cleanup?

Cannot access ADUC and Sites and Services (see error in post)

Trying to capture full DCdiag output for you
0
 
LVL 12

Expert Comment

by:Sommerblink
ID: 39962929
Attempted to seize all FSMO roles on Server 2008 (not sure if it worked) but still seeing significant AD issues.
From the 2008 machine you can see who the FSMO owner(s) are by executing the following command "netdom query fsmo"

In addition to the advice above, also make sure that you've updated the DNS records for all the computers that are members of the domain, removing the failed SBS IP address.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39962932
for metadata cleanup you donot need the ADUC. see the url  (http://support.microsoft.com/kb/216498) and follow it.
0
 

Author Comment

by:Lisaa_G
ID: 39962934
DCdiag output attached
DCdiag-log-March28.txt
0
 

Author Comment

by:Lisaa_G
ID: 39962940
My apologies.... does (http://support.microsoft.com/kb/216498) apply to Server 2008?
0
 

Author Comment

by:Lisaa_G
ID: 39962944
Netdom query FSMO  results in the specified domain either does not exist or could not be contacted.  The command failed to complete successfully
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39962953
yes,
0
 

Author Comment

by:Lisaa_G
ID: 39962962
OK - I will try the METADATA cleanup
0
 

Author Comment

by:Lisaa_G
ID: 39963034
METADATA Cleanup complete
proceeding on with the remainder of your instructions
0
 

Author Comment

by:Lisaa_G
ID: 39963109
Ok - I seem to have restored at least some of the AD

I have Exchange errors and Group Policy errors that are AD related but I will open a separate question for those
0
 

Author Closing Comment

by:Lisaa_G
ID: 39963848
This corrected some of my AD issues but did not ultimately leave the server in a functional state
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question