Windows Server: Active Directory database repair after Domain Controller failure

Summary: How to repair Active Directory in Windows Server operating systems after Domain Controller failure?

Article Content


Symptoms

This article addresses Active Directory Repair on Windows Server operating systems.


 

 

Issue:

Upon startup, a Windows Server 2003 Active Directory domain controller (DC) displays a message prior to the login prompt, similar to this:

Application popup: lsass.exe - System Error : Security Accounts Manager initialization failed because of the following error: Directory Service cannot start. Error Status: 0xc00002e1. Please click OK to shutdown this system and reboot into Directory Services Restore Mode, check the event log for more detailed information.

The Active Directory (AD) database is corrupt; the server cannot authenticate AD domain members and will not boot into normal mode.

 

Solution:

In the absence of a recent systems state backup, the following steps may be used as an AD recovery attempt.

1. Restart the DC in Directory Services Restore Mode (DSRM).

    a.  On server startup, press F8 after the system BIOS and hardware service (e.g. PERC, iDRAC) initializations are complete. 

    b.  From the boot menu, select 'Directory Services Restore Mode' and press Enter.


2. From the Windows Start button select Run and type 'cmd' to open a command prompt.

    Type 'ESENTUTL /g C:\windows\NTDS\ntds.dit /!10240 /8 /o' and press Enter to do the initial integrity check.

SLN289101_en_US__1W_ad__repair1_JM_V2

    In cases of database inconsistencies an error message, e.g.  'results CORRUPTED, -1206' will be returned.

3. Next, type 'NTDSUTIL' and press Enter.  This launches the NTDS tools set.

    a.  At the prompt type 'Files' and press Enter to get to the NTDS file management utility

    b.  At the file maintenance: prompt type 'info' and press Enter to show locations of all AD database-related files.

SLN289101_en_US__2W_ad__repair2_JM_V1

4. At the file maintenance: prompt type 'Recover' and press Enter.  This will initiate a 'soft' recovery of the AD database.

SLN289101_en_US__3W_ad__repair3_JM_V1

 

Note: With rare exception, this step is not sufficient in addressing the problem; it is, primarily, a preliminary step in diagnosing the depth of the issue.

    Enter 'quit' at each prompt until returned to the Command (C:\<path>) prompt.

5. From the Command prompt type 'ESENTUTL /ml c:\windows\ntds\edb' to check the AD Database log files.

SLN289101_en_US__4W_ad__repair4_JM_V1

    If this step fails, issue the following commands and press Enter after each:

    a.  'DEL *.log'

    b.  'DEL *.chk'

    and proceed to Step 6.

6. From the Command prompt type 'ESENTUTL /p C:\Winnt\NTDS\ntds.dit /!10240 /8 /o' and press Enter to perform a 'hard' recovery
    of the AD Database.

SLN289101_en_US__5W_ad__repair5_JM_V1

 

Warning: Upon successful completion, ESENTUTL /p returns the database to the state of its last committed transaction. Recent changes may be lost; for this reason a full System State restore from daily backup is the best-practice method of recovering an AD server.

7. From the Command prompt type 'ESENTUTL /g C:\Winnt\NTDS\ntds.dit /!10240 /8 /o' and press Enter to ensure database consistency.

SLN289101_en_US__6W_ad__repair6_JM_V1

8. Return to the NTDSUTIL prompt (see Step 3) and type 'sem dat ana' (truncated from 'Semantic Database Analysis') and press Enter.
    From the semantic checker: prompt type 'go' and press Enter.

SLN289101_en_US__7W_ad__repair7_JM_V1

    If a problem is detected, type 'go fix' and press Enter.

9. Restart the server in Normal Mode upon completion of all steps.

 

Additional Information:

http://support.microsoft.com/kb/258062

 


Need more help?  
SLN289101_en_US__8cloud Find additional PowerEdge and PowerVault articles
Watch Part Replacement Videos for Enterprise products
   
SLN289101_en_US__9chat

Visit and ask for support in our Communities

   
SLN289101_en_US__10key

Create an online support Request

Article Properties


Affected Product

Microsoft Windows 2012 Server R2, Microsoft Windows 2008 Server R2, Microsoft Windows 2008 Server Service Pack 2, Microsoft Windows 2012 Server, DSS 2500, DSS 7500, DSS 8440, DSS 9000J, DSS 9000R, DSS 9600, DSS 9620, DSS 9630, DSS 1500, DSS 1510, DSS 7000, PowerApp 100, PowerApp 110, PowerApp 120, PowerApp 200, PowerApp 220, PowerApp w100 web, Dell vStart 50, Dell vStart v1000, Dell vStart v200, PowerEdge XR2, PowerEdge 1300, PowerEdge 1400SC, PowerEdge SC1420, PowerEdge SC1425, PowerEdge SC1430, PowerEdge SC1435, PowerEdge 1500SC, PowerEdge 1550, PowerEdge 1600SC, PowerEdge 1650, PowerEdge 1655MC, PowerEdge 1750, PowerEdge 1800, PowerEdge 1850, PowerEdge 1855, PowerEdge 1900, PowerEdge 1950, PowerEdge 1955, PowerEdge 2100, PowerEdge 2200, PowerEdge 2300, PowerEdge 2400, PowerEdge 2450, PowerEdge 2500, PowerEdge 2500SC, PowerEdge 2550, PowerEdge 2800, PowerEdge 2850, PowerEdge 2900, PowerEdge 2950, PowerEdge 2970, PowerEdge 300, PowerEdge 300SC, PowerEdge 3250, PowerEdge 350, PowerEdge 400SC, PowerEdge 4100, PowerEdge 4300, PowerEdge 4350, PowerEdge 4400, PowerEdge SP 4__, PowerEdge XE 4__, PowerEdge 500SC, PowerEdge XL 5133-4, PowerEdge 600SC, PowerEdge 6300, PowerEdge 6350, PowerEdge 6400, PowerEdge 6450, PowerEdge 650, PowerEdge 6800, PowerEdge 6850, PowerEdge 6950, PowerEdge 700, PowerEdge 7150, PowerEdge 7250, PowerEdge 750, PowerEdge 800, PowerEdge 830, PowerEdge 840, PowerEdge 8450, PowerEdge 850, PowerEdge 860, PowerEdge C1100, PowerEdge C2100, PowerEdge C410X, PowerEdge C4130, PowerEdge C4140, PowerEdge C5000, PowerEdge C5125, PowerEdge C5220, PowerEdge C5230, PowerEdge C6100, PowerEdge C6105, PowerEdge C6145, PowerEdge C6220, PowerEdge C6220 II, PowerEdge C6300, PowerEdge C6320, PowerEdge C6320p, PowerEdge C6400, PowerEdge C6420, PowerEdge C6525, PowerEdge C8000, PowerEdge EL, PowerEdge External Media System 1434, PowerEdge External Media System 1634, PowerEdge External Media System 753, PowerEdge FC430, PowerEdge FC630, PowerEdge FC640, PowerEdge FC830, PowerEdge FD332, PowerEdge FM120x4 (for PE FX2/FX2s), PowerEdge FX2/FX2s, PowerEdge M1000E, PowerEdge M420, PowerEdge M520, PowerEdge M520 (for PE VRTX), PowerEdge M600, PowerEdge M605, PowerEdge M610, PowerEdge M610x, PowerEdge M620, PowerEdge M620 (for PE VRTX), PowerEdge M630, PowerEdge M630 (for PE VRTX), PowerEdge M640, PowerEdge M640 (for PE VRTX), PowerEdge M710, PowerEdge M710HD, PowerEdge M805, PowerEdge M820, PowerEdge M820 (for PE VRTX), PowerEdge M830, PowerEdge M830 (for PE VRTX), PowerEdge M905, PowerEdge M910, PowerEdge M915, PowerEdge MX5016s, PowerEdge MX7000, PowerEdge MX740c, PowerEdge MX840c, PowerEdge R200, PowerEdge R210, PowerEdge R210 II, PowerEdge R220, PowerEdge R230, PowerEdge R240, PowerEdge R300, PowerEdge R310, PowerEdge R320, PowerEdge R330, PowerEdge R340, PowerEdge R410, PowerEdge R415, PowerEdge R420, PowerEdge R420xr, PowerEdge R430, PowerEdge R440, PowerEdge R510, PowerEdge R515, PowerEdge R520, PowerEdge R530, PowerEdge R530xd, PowerEdge R540, PowerEdge R610, PowerEdge R620, PowerEdge R630, PowerEdge R640, PowerEdge R6415, PowerEdge R6515, PowerEdge R6525, PowerEdge R710, PowerEdge R715, PowerEdge R720, PowerEdge R720xd, PowerEdge R730, PowerEdge R730xd, PowerEdge R740, PowerEdge R740xd, PowerEdge R740xd2, PowerEdge R7415, PowerEdge R7425, PowerEdge R7515, PowerEdge R7525, PowerEdge R805, PowerEdge R810, PowerEdge R815, PowerEdge R820, PowerEdge R830, PowerEdge R840, PowerEdge R900, PowerEdge R905, PowerEdge R910, PowerEdge R920, PowerEdge R930, PowerEdge R940, PowerEdge R940xa, PowerEdge SDS 100 (Storage System), PowerEdge SP 5__, PowerEdge SP 5__-2, PowerEdge SP 51__-2 (ATI Mach64), PowerEdge SP 575-2, PowerEdge T100, PowerEdge T105, PowerEdge T110, PowerEdge T110 II, PowerEdge T130, PowerEdge T140, PowerEdge T20, PowerEdge T30, PowerEdge T300, PowerEdge T310, PowerEdge T320, PowerEdge T330, PowerEdge T340, PowerEdge T40, PowerEdge T410, PowerEdge T420, PowerEdge T430, PowerEdge T440, PowerEdge T605, PowerEdge T610, PowerEdge T620, PowerEdge T630, PowerEdge T640, PowerEdge T710, PowerEdge VRTX, PowerEdge Web Server, PowerEdge XE2420, PowerEdge XE 5__, PowerEdge XE 5__-2, PowerEdge XE 51__-2 (ATI Mach64), PowerEdge XE7100, PowerEdge XE7420, PowerEdge XE7440, PowerEdge 2600, PowerEdge 2650, PowerEdge 6600, PowerEdge 6650, PowerEdge 4600, PowerEdge SC 420, PowerEdge SC 430, PowerEdge SC 440

Last Published Date

20 Nov 2020

Version

2

Article Type

Solution

Rate This Article


Accurate
Useful
Easy to Understand
Was this article helpful?

0/3000 characters