Help with Single Server DC Problem

tedwill
tedwill used Ask the Experts™
on
I  have a small business client with a single server running windows server 2008 R2 SP1.  It is a DC running Exchange 2010.  They recently moved and had some issues getting the server running.  One of their people decided to run "boot from last known good configuration" before calling me.

The server was renamed. When I run DCDIAG, it fails with the following errors:

Microsoft Windows [Version 6.1.7601]

Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>dcdiag

Directory Server Diagnosis

Performing initial setup:

   Trying to find home server...

   Home Server = lawserv3

   [lawserv3] Directory Binding Error -2146893022:

   The target principal name is incorrect.

   This may limit some of the tests that can be performed.

   * Identified AD Forest.

   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\LAWSERV3

      Starting test: Connectivity

         [LAWSERV3] DsBindWithSpnEx() failed with error -2146893022,

         The target principal name is incorrect..

         Got error while checking LDAP and RPC connectivity. Please check your

         firewall settings.

         ......................... LAWSERV3 failed test Connectivity




Doing primary tests

   Testing server: Default-First-Site-Name\LAWSERV3

      Skipping all tests, because server LAWSERV3 is not responding to

      directory service requests.

   Running partition tests on : ForestDnsZones

      Starting test: CheckSDRefDom

         ......................... ForestDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... ForestDnsZones passed test

         CrossRefValidation

   Running partition tests on : DomainDnsZones

      Starting test: CheckSDRefDom

         ......................... DomainDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... DomainDnsZones passed test

         CrossRefValidation




   Running partition tests on : Schema

      Starting test: CheckSDRefDom

         ......................... Schema passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Schema passed test CrossRefValidation




   Running partition tests on : Configuration

      Starting test: CheckSDRefDom

         ......................... Configuration passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Configuration passed test CrossRefValidation




   Running partition tests on : barton-larson

      Starting test: CheckSDRefDom

         ......................... barton-larson passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... barton-larson passed test CrossRefValidation




   Running enterprise tests on : barton-larson.local

      Starting test: LocatorCheck

         Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1722

         A Global Catalog Server could not be located - All GC's are down.

         Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1722

         A Primary Domain Controller could not be located.

         The server holding the PDC role is down.

         Warning: DcGetDcName(TIME_SERVER) call failed, error 1722

         A Time Server could not be located.

         The server holding the PDC role is down.

         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error

         1722

         A Good Time Server could not be located.

         Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1722

         A KDC could not be located - All the KDCs are down.

         ......................... barton-larson.local failed test LocatorCheck

      Starting test: Intersite

         ......................... barton-larson.local passed test Intersite




C:\Windows\system32>net start rpc

The service name is invalid.




More help is available by typing NET HELPMSG 2185.




When I run net config workstation, I get this:

C:\Windows\system32>net config wksta
Computer name                        \\WIN-LU3PMOAA40D
Full Computer name                   lawserv3.barton-larson.local
User name                            Administrator

Workstation active on

        NetBT_Tcpip_{089B9B66-13F7-4DF2-A89A-6FB6FD2A31B4} (B499BA5C122C)

Software version                     Windows Server 2008 R2 Standard




Workstation domain                   BARTON-LARSON

Workstation Domain DNS Name          barton-larson.local

Logon domain                         BARTON-LARSON




COM Open Timeout (sec)               0

COM Send Count (byte)                16

COM Send Timeout (msec)              250

The command completed successfully.


DCDiag knows the name is still LAWSERV3, but elsewhere it was renamed when it was restarted using the last known good configuration.

Restoring could be dicecy.  Their backup was a full volume backup to a USB drive using Windows Backup.

Any attempts to rename using NETDOM does not work because there is not active DC to verify.

Looking for help on how to resolve this.

Thanks!
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
yo_beeDirector of Information Technology

Commented:
If you have a good full backup then you can try a non-authoritative restore.
just forcing on the system state of the backup.

This will bring the server back to that point in time.


https://technet.microsoft.com/en-us/library/cc816627(v=ws.10).aspx
Senior Solution Architect
Most Valuable Expert 2015
Top Expert 2015
Commented:
Is this the only DC in your domain? If so then a non-authoritative restore is not correct. You will need to perform an "Authoritative" restore. Performing a non-authoritative restore means the DC will come up and request updates from other DC's that are online. Also if it is the only DC it will still not work because it will not see itself as being the FSMO role holder.

You need to also make sure that you perform an Authoritative Restore of Sysvol as well.

Also you said that they changed the domain controller name? If that is the case i am assuming that they did not do it using the appropriate method?

Renaming a domain controller
https://technet.microsoft.com/en-ca/library/cc740045(v=ws.10).aspx

Another issue you might face as well is getting Exchange Server back online after a restore. Because Exchange is not recommended to run on a DC, Exchange becomes a lot more sensitive to what you do to the DC it is installed on.

Be prepared to have a backup of Exchange because changing the name of a DC where Exchange is installed on, might require a complete rebuild.

Will.
yo_beeDirector of Information Technology

Commented:
Sorry for the misguided information.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial