Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

can not log on as domain administrator on DC (2008r2) or any other user

Posted on 2015-01-20
9
Medium Priority
?
119 Views
Last Modified: 2016-11-23
Hello all

i have a Dell T610 that is playing up, over the Christmas break, the server was restarted but hung at a screen prompt (drac card had failed - this has since been replace by dell)

when the machine came back online, i have been unable to log onto it both through an RDP (no available rdp license servers available supposedly...) an trying log on direct as domain administrator, it states

"The security database on the server does no have a computer account for this workstation trust relationship"

any ideas???

i need the data off the server, but then it can be flattened!

thanks







an attempt was made to logon but the network service was not started
0
Comment
Question by:mudcow007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 3

Expert Comment

by:kola12
ID: 40559385
Can You log in safe mode on lacal admin account?
0
 

Author Comment

by:mudcow007
ID: 40559430
I just tried safe mode with networking, as the windows log on screen came up, i pressed ctrl alt delete an the machine restarted...grr

i will try just "normal" safe mode an come back to you
0
 

Author Comment

by:mudcow007
ID: 40559437
selected safe mode, machine started to load all the files, screen goes blank an it restarts

not looking good
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
LVL 24

Expert Comment

by:VB ITS
ID: 40559684
Do you know your DSRM password? If so, I'd log in and check if your DC has a duplicate SPN as this is a known cause of the error message:

- Reboot the server in Directory Services Restore Mode by tapping your F8 key at startup and choosing Directory Services Restore Mode from the list
- Log in with your DSRM password
- Open an elevated Command Prompt
- Type in setspn -x to list any duplicate
- If you find a duplicate entry in the list, use setspn -d command to get rid of it

See this article for more info: http://support.microsoft.com/kb/2015518
0
 

Author Comment

by:mudcow007
ID: 40561626
right, looking a bit more positive!

tried VB ITS's comment

pressed F8 to Directory Restore Mode, get a windows login, logged in as local admin (which hasnt worked up til this point)

right clicked cmd "run as administrator" typed setspn -x and got

Ldap Error(0x51 --Server Down): ladap _connect
failed to retrieve DN for domain "" : 0x00000051
Warning: No valid targets specified, reverting to current domain.
Ldap Error(0x51 -- Server Down) : ldap_connect

Open in new window

0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40561740
Check the Event Logs - any errors/warnings in there related to AD? If you do find any errors/warnings, please post them here.
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 40563453
i need the data off the server, but then it can be flattened!
If you're just looking to copy data off of the server before wiping it, this would be a great time to do so. I'm not sure I'd even worry about recovering it; just wipe, do a metadata cleanup, and reload.
0
 
LVL 24

Accepted Solution

by:
VB ITS earned 2000 total points
ID: 40563619
Good point DrDave242, didn't see that bit in the original question.

@mudcow007: now that you can get into Windows, it may be easier to copy the files you need to an external USB drive then blow away the server.

You can follow the steps in this guide if you want go to down this path: http://www.chaseoriginal.com/techcell/technotes/clean-up-active-directory-domain-controller-manually/
0
 

Author Closing Comment

by:mudcow007
ID: 40672993
link was great cheers VB
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question