Solved

Active Directory problem after System State restore

Posted on 2016-07-26
9
51 Views
Last Modified: 2016-08-05
After performing a system state restore on a different hyper V hardware, Active directory seems to run on for a little bit then we lose it. When opening Active directory we get a message ad  I restarted the active directory service and it looks like it started workign again after about 10 minutes. The event log points towards the global catalogue missing, but im not sure why this would be after a system state restore ScreenHunter_21-Jul.-26-22.51.jpg
Advise would be very helpful
ScreenHunter_21-Jul.-26-22.51.jpg
0
Comment
Question by:David
  • 6
  • 3
9 Comments
 

Author Comment

by:David
ID: 41730278
to add this is the only DC which runs active directory and exchange on server 2008 R2
0
 

Author Comment

by:David
ID: 41730311
running dcdiag i see the follow fails
dcdiag.txt
0
 

Author Comment

by:David
ID: 41730353
nltest /dsgetdc:domainaname.co.uk /gc

gives error

getting DC name failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN
0
 
LVL 23

Expert Comment

by:Mohammed Hamada
ID: 41731033
Seems like your DNS is not updated or have some staled records. you'll need to enable scavenging on it. make sure that all your domains are replicating properly.

use repadmin /showrepl and repadmin /replsum to see the replication.  you can add /e parameter to include all DCs in the forest.

make sure all firewalls are disabled.
0
[Webinar] Disaster Recovery and Cloud Management

Learn from Unigma and CloudBerry industry veterans which providers are best for certain use cases and how to lower cloud costs, how to grow your Managed Services practice in IaaS clouds, and how to utilize public cloud for Disaster Recovery

 
LVL 23

Expert Comment

by:Mohammed Hamada
ID: 41731034
I would also highly recommend that you install an additional new DC as soon as possible and demote this one that you got from a recovery. it's not recommended to work on recovered DC in production environment.
0
 

Author Comment

by:David
ID: 41732178
Early this morning I made the call to Microsoft and it was an issue with the file replication service
And the netlogon and sysvol were no longer shared causing the issue.

Yes we are planning to migrate the email off to office365
And then will make a decision on the rest

The reason for recovery was because of a crypto virus that got onto the c drive
0
 
LVL 23

Expert Comment

by:Mohammed Hamada
ID: 41732485
Great. so your problem got solved?
0
 

Accepted Solution

by:
David earned 0 total points
ID: 41736765
Yes thanks


The resolution for the issue, Server 2008R2 , system state restore, global catalog missing;
 
You had opened the case with us for issue, Domain Controller 'SERVER.domain.co.uk' is failing test advertising in dcdiag.
We found that, DC was in Journal Wrap
1.) DC was not advertising as GC.

2.) Checked DCDIAG, it was failing connectivity test.

3.) Checked using net share command and the sysvol and netlogon shares were not shared.

4.) In the events found that the DC was in Journal Wrap.

5.) Performed authoritative restore for sysvol as follows;
---------------------------------------------------------------------------------------------------------------------------------
i. Click Start, and then click Run.
ii. In the Open box, type cmd and then press ENTER.
iii. In the Command box, type net stop ntfrs.
iv. Click Start, and then click Run.
v. In the Open box, type regedit and then press ENTER.
vi. Locate the following key in the registry:
-- KEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Cumulative Replica Sets
vii. Below the Cumulative Replica Sets subkey, locate the GUID.
viii. In the right pane, double click BurFlags.
ix. In the Edit DWORD Value dialog box, type D4 to complete an authoritative restore, and then click OK.
x. Quit Registry Editor, and then switch to the Command box.
xi. In the Command box, type net start ntfrs.
xii. Quit the Command box.
---------------------------------------------------------------------------------------------------------------------------------

6.) Got the event 13516 for sysvol. Issue resolved.
0
 

Author Closing Comment

by:David
ID: 41743966
spoke with MS support
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Find out what you should include to make the best professional email signature for your organization.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now