Help with Single Server DC Problem

I  have a small business client with a single server running windows server 2008 R2 SP1.  It is a DC running Exchange 2010.  They recently moved and had some issues getting the server running.  One of their people decided to run "boot from last known good configuration" before calling me.

The server was renamed. When I run DCDIAG, it fails with the following errors:

Microsoft Windows [Version 6.1.7601]

Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>dcdiag

Directory Server Diagnosis

Performing initial setup:

   Trying to find home server...

   Home Server = lawserv3

   [lawserv3] Directory Binding Error -2146893022:

   The target principal name is incorrect.

   This may limit some of the tests that can be performed.

   * Identified AD Forest.

   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\LAWSERV3

      Starting test: Connectivity

         [LAWSERV3] DsBindWithSpnEx() failed with error -2146893022,

         The target principal name is incorrect..

         Got error while checking LDAP and RPC connectivity. Please check your

         firewall settings.

         ......................... LAWSERV3 failed test Connectivity




Doing primary tests

   Testing server: Default-First-Site-Name\LAWSERV3

      Skipping all tests, because server LAWSERV3 is not responding to

      directory service requests.

   Running partition tests on : ForestDnsZones

      Starting test: CheckSDRefDom

         ......................... ForestDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... ForestDnsZones passed test

         CrossRefValidation

   Running partition tests on : DomainDnsZones

      Starting test: CheckSDRefDom

         ......................... DomainDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... DomainDnsZones passed test

         CrossRefValidation




   Running partition tests on : Schema

      Starting test: CheckSDRefDom

         ......................... Schema passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Schema passed test CrossRefValidation




   Running partition tests on : Configuration

      Starting test: CheckSDRefDom

         ......................... Configuration passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Configuration passed test CrossRefValidation




   Running partition tests on : barton-larson

      Starting test: CheckSDRefDom

         ......................... barton-larson passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... barton-larson passed test CrossRefValidation




   Running enterprise tests on : barton-larson.local

      Starting test: LocatorCheck

         Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1722

         A Global Catalog Server could not be located - All GC's are down.

         Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1722

         A Primary Domain Controller could not be located.

         The server holding the PDC role is down.

         Warning: DcGetDcName(TIME_SERVER) call failed, error 1722

         A Time Server could not be located.

         The server holding the PDC role is down.

         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error

         1722

         A Good Time Server could not be located.

         Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1722

         A KDC could not be located - All the KDCs are down.

         ......................... barton-larson.local failed test LocatorCheck

      Starting test: Intersite

         ......................... barton-larson.local passed test Intersite




C:\Windows\system32>net start rpc

The service name is invalid.




More help is available by typing NET HELPMSG 2185.




When I run net config workstation, I get this:

C:\Windows\system32>net config wksta
Computer name                        \\WIN-LU3PMOAA40D
Full Computer name                   lawserv3.barton-larson.local
User name                            Administrator

Workstation active on

        NetBT_Tcpip_{089B9B66-13F7-4DF2-A89A-6FB6FD2A31B4} (B499BA5C122C)

Software version                     Windows Server 2008 R2 Standard




Workstation domain                   BARTON-LARSON

Workstation Domain DNS Name          barton-larson.local

Logon domain                         BARTON-LARSON




COM Open Timeout (sec)               0

COM Send Count (byte)                16

COM Send Timeout (msec)              250

The command completed successfully.


DCDiag knows the name is still LAWSERV3, but elsewhere it was renamed when it was restarted using the last known good configuration.

Restoring could be dicecy.  Their backup was a full volume backup to a USB drive using Windows Backup.

Any attempts to rename using NETDOM does not work because there is not active DC to verify.

Looking for help on how to resolve this.

Thanks!
tedwillAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

yo_beeDirector of Information TechnologyCommented:
If you have a good full backup then you can try a non-authoritative restore.
just forcing on the system state of the backup.

This will bring the server back to that point in time.


https://technet.microsoft.com/en-us/library/cc816627(v=ws.10).aspx
Will SzymkowskiSenior Solution ArchitectCommented:
Is this the only DC in your domain? If so then a non-authoritative restore is not correct. You will need to perform an "Authoritative" restore. Performing a non-authoritative restore means the DC will come up and request updates from other DC's that are online. Also if it is the only DC it will still not work because it will not see itself as being the FSMO role holder.

You need to also make sure that you perform an Authoritative Restore of Sysvol as well.

Also you said that they changed the domain controller name? If that is the case i am assuming that they did not do it using the appropriate method?

Renaming a domain controller
https://technet.microsoft.com/en-ca/library/cc740045(v=ws.10).aspx

Another issue you might face as well is getting Exchange Server back online after a restore. Because Exchange is not recommended to run on a DC, Exchange becomes a lot more sensitive to what you do to the DC it is installed on.

Be prepared to have a backup of Exchange because changing the name of a DC where Exchange is installed on, might require a complete rebuild.

Will.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
yo_beeDirector of Information TechnologyCommented:
Sorry for the misguided information.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.