A customer has lost administrative access to his only server. No other member servers in AD. No other domain controllers. 5 PCs and 6 User objects. It's Server 2008 R2 Standard and he is running Acronis Backup.
I can narrow down the incident to last weekend: We accessed the server as administrator on saturday 9am.
From Monday on I get "user is deactivated" on logon. Strange: I get this regardless of the password - even on a wrong password.
I noticed later, that obviously users frequently access the server desktop as administrator via RDP to do something in a software that runs only there.
Anyway - I have to restore this somehow and my question is this: Can I just copy back the ADS database at C:\Windows\NTDS from my backup? Acronis won't start in directory services recover mode...
Or does anybody have an equally simple idea?