Solved

can not log on as domain administrator on DC (2008r2) or any other user

Posted on 2015-01-20
9
98 Views
Last Modified: 2016-11-23
Hello all

i have a Dell T610 that is playing up, over the Christmas break, the server was restarted but hung at a screen prompt (drac card had failed - this has since been replace by dell)

when the machine came back online, i have been unable to log onto it both through an RDP (no available rdp license servers available supposedly...) an trying log on direct as domain administrator, it states

"The security database on the server does no have a computer account for this workstation trust relationship"

any ideas???

i need the data off the server, but then it can be flattened!

thanks







an attempt was made to logon but the network service was not started
0
Comment
Question by:mudcow007
9 Comments
 
LVL 3

Expert Comment

by:kola12
ID: 40559385
Can You log in safe mode on lacal admin account?
0
 

Author Comment

by:mudcow007
ID: 40559430
I just tried safe mode with networking, as the windows log on screen came up, i pressed ctrl alt delete an the machine restarted...grr

i will try just "normal" safe mode an come back to you
0
 

Author Comment

by:mudcow007
ID: 40559437
selected safe mode, machine started to load all the files, screen goes blank an it restarts

not looking good
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40559684
Do you know your DSRM password? If so, I'd log in and check if your DC has a duplicate SPN as this is a known cause of the error message:

- Reboot the server in Directory Services Restore Mode by tapping your F8 key at startup and choosing Directory Services Restore Mode from the list
- Log in with your DSRM password
- Open an elevated Command Prompt
- Type in setspn -x to list any duplicate
- If you find a duplicate entry in the list, use setspn -d command to get rid of it

See this article for more info: http://support.microsoft.com/kb/2015518
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:mudcow007
ID: 40561626
right, looking a bit more positive!

tried VB ITS's comment

pressed F8 to Directory Restore Mode, get a windows login, logged in as local admin (which hasnt worked up til this point)

right clicked cmd "run as administrator" typed setspn -x and got

Ldap Error(0x51 --Server Down): ladap _connect
failed to retrieve DN for domain "" : 0x00000051
Warning: No valid targets specified, reverting to current domain.
Ldap Error(0x51 -- Server Down) : ldap_connect

Open in new window

0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40561740
Check the Event Logs - any errors/warnings in there related to AD? If you do find any errors/warnings, please post them here.
0
 
LVL 25

Expert Comment

by:DrDave242
ID: 40563453
i need the data off the server, but then it can be flattened!
If you're just looking to copy data off of the server before wiping it, this would be a great time to do so. I'm not sure I'd even worry about recovering it; just wipe, do a metadata cleanup, and reload.
0
 
LVL 24

Accepted Solution

by:
VB ITS earned 500 total points
ID: 40563619
Good point DrDave242, didn't see that bit in the original question.

@mudcow007: now that you can get into Windows, it may be easier to copy the files you need to an external USB drive then blow away the server.

You can follow the steps in this guide if you want go to down this path: http://www.chaseoriginal.com/techcell/technotes/clean-up-active-directory-domain-controller-manually/
0
 

Author Closing Comment

by:mudcow007
ID: 40672993
link was great cheers VB
0

Featured Post

How does your email signature look on mobiles?

Do your employees use mobile devices to reply to emails? With mobile becoming increasingly important to the business world, it is in your best interest to make sure that your email signature looks great across all types of devices.

Join & Write a Comment

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now