?
Solved

Active Directory problem after System State restore

Posted on 2016-07-26
9
Medium Priority
?
78 Views
Last Modified: 2016-08-05
After performing a system state restore on a different hyper V hardware, Active directory seems to run on for a little bit then we lose it. When opening Active directory we get a message ad  I restarted the active directory service and it looks like it started workign again after about 10 minutes. The event log points towards the global catalogue missing, but im not sure why this would be after a system state restore ScreenHunter_21-Jul.-26-22.51.jpg
Advise would be very helpful
ScreenHunter_21-Jul.-26-22.51.jpg
0
Comment
Question by:David
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
9 Comments
 

Author Comment

by:David
ID: 41730278
to add this is the only DC which runs active directory and exchange on server 2008 R2
0
 

Author Comment

by:David
ID: 41730311
running dcdiag i see the follow fails
dcdiag.txt
0
 

Author Comment

by:David
ID: 41730353
nltest /dsgetdc:domainaname.co.uk /gc

gives error

getting DC name failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 24

Expert Comment

by:Mohammed Hamada
ID: 41731033
Seems like your DNS is not updated or have some staled records. you'll need to enable scavenging on it. make sure that all your domains are replicating properly.

use repadmin /showrepl and repadmin /replsum to see the replication.  you can add /e parameter to include all DCs in the forest.

make sure all firewalls are disabled.
0
 
LVL 24

Expert Comment

by:Mohammed Hamada
ID: 41731034
I would also highly recommend that you install an additional new DC as soon as possible and demote this one that you got from a recovery. it's not recommended to work on recovered DC in production environment.
0
 

Author Comment

by:David
ID: 41732178
Early this morning I made the call to Microsoft and it was an issue with the file replication service
And the netlogon and sysvol were no longer shared causing the issue.

Yes we are planning to migrate the email off to office365
And then will make a decision on the rest

The reason for recovery was because of a crypto virus that got onto the c drive
0
 
LVL 24

Expert Comment

by:Mohammed Hamada
ID: 41732485
Great. so your problem got solved?
0
 

Accepted Solution

by:
David earned 0 total points
ID: 41736765
Yes thanks


The resolution for the issue, Server 2008R2 , system state restore, global catalog missing;
 
You had opened the case with us for issue, Domain Controller 'SERVER.domain.co.uk' is failing test advertising in dcdiag.
We found that, DC was in Journal Wrap
1.) DC was not advertising as GC.

2.) Checked DCDIAG, it was failing connectivity test.

3.) Checked using net share command and the sysvol and netlogon shares were not shared.

4.) In the events found that the DC was in Journal Wrap.

5.) Performed authoritative restore for sysvol as follows;
---------------------------------------------------------------------------------------------------------------------------------
i. Click Start, and then click Run.
ii. In the Open box, type cmd and then press ENTER.
iii. In the Command box, type net stop ntfrs.
iv. Click Start, and then click Run.
v. In the Open box, type regedit and then press ENTER.
vi. Locate the following key in the registry:
-- KEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Cumulative Replica Sets
vii. Below the Cumulative Replica Sets subkey, locate the GUID.
viii. In the right pane, double click BurFlags.
ix. In the Edit DWORD Value dialog box, type D4 to complete an authoritative restore, and then click OK.
x. Quit Registry Editor, and then switch to the Command box.
xi. In the Command box, type net start ntfrs.
xii. Quit the Command box.
---------------------------------------------------------------------------------------------------------------------------------

6.) Got the event 13516 for sysvol. Issue resolved.
0
 

Author Closing Comment

by:David
ID: 41743966
spoke with MS support
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This video discusses moving either the default database or any database to a new volume.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month14 days, 18 hours left to enroll

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question