RE: Domain comtroller crashed
From: Bob Christian (anonymous_at_discussions.microsoft.com)
Date: 05/18/04
- Next message: Eduard Koller [MSFT]: "Re: Certificate service"
- Previous message: Sean Siler: "Re: Where does AD support fit ?"
- In reply to: Nasser: "Domain comtroller crashed"
- Next in thread: Nasser: "RE: Domain comtroller crashed"
- Reply: Nasser: "RE: Domain comtroller crashed"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 18 May 2004 10:56:05 -0700
I am assuming that DC1 died completely...i.e. drive crash and no information was recoverable AND there were no backups with the system state...so there is no possibility of performing a non-authoritative restore. I am also assuming that this is a forest root domain.
There are a few issues to review...
1) What is the location of the FSMO role holder(s)? If they are not on DC2, you may have to sieze them until you get DC1 sorted back out. Is DC2 a GC?
Check KB 255504 and KB 223787 at support.microsoft.com for info on FSMO role seizure.
2) Did you clean DC1 out of metadata before rebuilding it? (Again, I am assuming that DC1 died completely).
Check KB 247393 and KB 216498 at support.microsoft.com for into on cleaning DC information from metadata.
Note that on the current server you may have to ensure that it is a member server in a workgroup. From DC2 you would clean the information. Then you would add the server to the domain as a member and then promote it again.
Note: DC2 does not need to be the default gateway....that should be a router. However, it should likely be your DNS server unless you are using other DNS servers (Linux, Cisco Network Registrar, etc.) to service your DNS for your AD forest/domain.
Granted, this information is vague...but it should get you pointed on the right track.
Bob
----- Nasser wrote: -----
OK. I setup a new DC, lets call it DC1, and istablished a
new tree. then remotely over frame relay, I set up another
domain controller, lets call it DC2. DC1 crashed and I
lost everything. DC2 is still operational with the
messages about not finding DC1 for replication. Now I
installed windows 2000 server again on DC1. during the
configuration of active directory on DC1 I selected DC1 as
a secondary DC and entered the domain name. everything
went fine. Id like to mention that before I set up active
directory, I was told that I should enter the ip of DC2 as
the DNS and Gateway for DC1, otherwise the active
directory setup was not gonna work. so now I keep getting
a message in the system log "The account-identifier
allocator failed to initialize properly. The record data
contains the NT error code that caused the failure.
Windows 2000 will retry the initialization until it
succeeds; until that time, account creation will be denied
on this Domain Controller. Please look for other SAM
event logs that may indicate the exact reason for the
failure." so now I can't add any new user or delete any
user. sure there is lots more than that, but for now Im
trying to solve this problem. I could use a hand.
Thanks
- Next message: Eduard Koller [MSFT]: "Re: Certificate service"
- Previous message: Sean Siler: "Re: Where does AD support fit ?"
- In reply to: Nasser: "Domain comtroller crashed"
- Next in thread: Nasser: "RE: Domain comtroller crashed"
- Reply: Nasser: "RE: Domain comtroller crashed"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
