Windows 2016 Primary Domain Controller Restore results in AD error

I have a PDC running Windows Server 2016 in a VMware environment using Veeam Backup & Recovery. I was hit with the RYUK ransomware virus. I have shut down all my VMs and disconnected all my computers on the network but one that is clean. I have restored my PDC from a good backup from when it was working. However, after the restore Windows boots in safe mode and AD is not accessible. I found a Veeam forum post that said to run "bcdedit /deletevalue safeboot" and reboot into normal mode, but I still cannot access Active Directory; it says that the domain could not be found.
How do I get my PDC back up after restore?

Mal Osborne, Alpha Geek
CERTIFIED EXPERT

Commented:
Questions:
1. Is the server now booting up outside of safe mode?
2. Is the server running DNS, with the service started?
3. Is the server using its local DNS server?
Dennis Janson, IT Manager

Author

Commented:
1. Yes. Didn't at first, but turned off safe mode and rebooted.
2. DNS is running.
3. Yes, using its own IP for DNS. This is the PDC.
Mal Osborne, Alpha Geek
CERTIFIED EXPERT

Commented:
OK, open DNS Manager.

You should see a heap of records that define your domain.

Are these records there?

https://blogs.msdn.microsoft.com/servergeeks/2014/07/12/dns-records-that-are-required-for-proper-functionality-of-active-directory/
Dennis Janson, IT Manager

Author

Commented:
Yes, the weird part is the server name looks to be missing on the map.
DNS.jpg
Mal Osborne, Alpha Geek
CERTIFIED EXPERT

Commented:
Are these two boxes ticked on the properties of the NIC?

Client.PNG
And updates allowed in DNS manager?

srv.PNG
Dennis Janson, IT Manager

Author

Commented:
The NIC settings are matching yours. I cannot find the settings in your second screenshot.
Mal Osborne, Alpha Geek
CERTIFIED EXPERT

Commented:
dns.PNG
Dennis Janson, IT Manager

Author

Commented:
Yes, it is on secure only.
Mal Osborne, Alpha Geek
CERTIFIED EXPERT

Commented:
Is the server set as an AD Global Catalog?
IT Manager
Commented:
This was not a DNS issue but instead a Sysvol and Netlogon Shares issue along with database sync between DCs. We had 2 DCs but we restored them one at a time. Since there was nothing to replicate off of, the AD just didn't come online. We had some 3rd party experts come in and repair the necessary registry keys and databases.
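
A post-restore check covering the items this thread worked through (safe-boot flag, DNS service, DC locator record, SYSVOL and NETLOGON shares), added here as an example and not posted by any participant in the thread. The function name `Test-RestoredDc` and the domain name `corp.example` are hypothetical; run it in an elevated PowerShell session on the restored domain controller.

```powershell
# Added example: sanity checks for a domain controller restored from backup.
# It only reads state; it changes nothing on the server.
function Test-RestoredDc {
    [CmdletBinding()]
    param(
        # Assumption: DNS name of the AD domain (corp.example is a placeholder).
        [Parameter(Mandatory)] [string] $DomainDnsName
    )
    $results = [ordered]@{}

    # 1. Safe-boot flag left behind by the restore. The thread cleared it with
    #    "bcdedit /deletevalue safeboot"; confirm it is gone from the current entry.
    $bcd = bcdedit /enum '{current}' | Out-String
    $results['SafeBootCleared'] = $bcd -notmatch '(?im)^\s*safeboot\s'

    # 2. Services a DC needs: DNS Server, AD Domain Services, Netlogon.
    foreach ($svc in 'DNS', 'NTDS', 'Netlogon') {
        $s = Get-Service -Name $svc -ErrorAction SilentlyContinue
        $results["Service_$svc"] = ($null -ne $s -and $s.Status -eq 'Running')
    }

    # 3. SYSVOL and NETLOGON shares. The closing post names these as the real
    #    fault: a DC that has not finished SYSVOL sync does not publish them.
    foreach ($share in 'SYSVOL', 'NETLOGON') {
        $found = Get-SmbShare -Name $share -ErrorAction SilentlyContinue
        $results["Share_$share"] = ($null -ne $found)
    }

    # 4. DC locator SRV record, the lookup clients use to find the domain.
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainDnsName" `
                           -Type SRV -ErrorAction SilentlyContinue
    $results['SrvRecord_ldap_dc'] = [bool]($srv | Where-Object { $_.Type -eq 'SRV' })

    # One row of True/False values, easy to compare across both DCs.
    [pscustomobject]$results
}

# Usage (placeholder domain name):
# Test-RestoredDc -DomainDnsName 'corp.example' | Format-List
```

A result with the services running and the SRV record present but both share checks false matches the situation described in the final post, where DNS looked healthy and the domain still could not be found.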