AD Drive Failure -- Server will not boot properly!

[Poontos]

Setup:

Windows 2000 Server SP2
Basic AD setup (non-critical testing)
C:\ = System Volume (Winnt, Progams, etc.)
D:\ = Now a FreeBSD partition with its built-in dual-boot proggy.

OK, so the drive did not fail, but it could be a similar circumstance in the real world and may help those in the future.

I was going to trash my install of Win2K, but I noticed that I could keep my install, but would just
loose my D: drive, which is where AD was all contained (as specified in the AD setup).

Both "boot" fine, except for the fact that Win2K will not load up properly since the D: drive is no longer
there (or in a file system that Win2k can see), and therefore all the AD data-stuff.

So, I am told to boot into Safe Mode -- Directory Services Restore or something, which loads fine, but where
do I go about trying to fix AD? I just want to create (formatting in Disk Manager MMC right now) a new partition
and re-setup AD and not have to do a full install of the OS.


TIA!

 

[AkumaBao]

Ouch. It's nice to see another FreeBSD conversion!!! I'm not sure how you would go about re-installing the AD files, other than copying straight from the CD. Don't quote me on that though.

 

[Poontos]

I need specifics... preferably step by step.

Thanks

 

[OpalFrost98GT]

I'm not sure if this will work but you can try dcpromo.exe to remove AD. If that works...just reboot and reinstall AD.

 

[Poontos]

<< I'm not sure if this will work but you can try dcpromo.exe to remove AD. If that works...just reboot and reinstall AD. >>


dcpromo will not run in the restore mode, which is the only mode that it will boot into.

 

[OpalFrost98GT]

So you need to restore your system state data. You do have a backup? If so check this article out--->
Link

 

[Poontos]

I do not have a backup, as this is an experimental envrionment.

 

[SoulAssassin]

<< Setup:

Windows 2000 Server SP2
Basic AD setup (non-critical testing)
C:\ = System Volume (Winnt, Progams, etc.)
D:\ = Now a FreeBSD partition with its built-in dual-boot proggy.


I was going to trash my install of Win2K, but I noticed that I could keep my install, but would just
loose my D: drive, which is where AD was all contained (as specified in the AD setup).

TIA! >>



What was on D prior to the BSD addition? If c is your sysvol then all AD should have been there so it seems like the info is conflicting.

 

[Saltin]

So you've erased the Active directory DB and log files, and it's your only DC I am guessing? If that's the case, you are screwed.
If that bothers you, back up your system state once in a while : )

You can't run Dcpromo, and you cant use ntdsutil to remove the instance of the DC, from AD, becuase, well, there is no AD.

That's my take anyhow, maybe someone has brighter news.

 

[Poontos]

Yah, D: had all my AD files, logs, etc.

No backups, this is in my house. It is a dualboot of FreeBSD on that server, so it obviously ain`t that important/critical.

But, there has to be a way to at least disable AD and turn it into a standalone server and then later add back on AD?

 

[Poontos]

Anyone?

 

[SoulAssassin]

<<
But, there has to be a way to at least disable AD and turn it into a standalone server and then later add back on AD? >>



You can't demote it because you can't access AD. You're hosed. Take a deep breath, learn a lesson, and reinstall 2K.

 

[Poontos]

<<

<<
But, there has to be a way to at least disable AD and turn it into a standalone server and then later add back on AD? >>



You can't demote it because you can't access AD. You're hosed. Take a deep breath, learn a lesson, and reinstall 2K. >>


LOL!

Scenario:

->Server with AD.

-> Server has two drives. Drive one is OS and drive two is AD.

-> Backup is done regularly.

-> Drive two fails.

-> Ad fails. OS still runs.

-> Backup was hacked and is corrupt.

->Company's AD was not too complex, but the OS is pretty tight and do not want to re-install. Company wants to re-build AD, without re-installing the whole OS.

So you are saying Microsoft, basically says "F-U, rebuild it ALL." In this situation.

 

[Saltin]

<< Company's AD was not too complex, but the OS is pretty tight and do not want to re-install. Company wants to re-build AD, without re-installing the whole OS. >>



No company with competent Admins runs a 2k AD with less than two DC's. No company with competent admins fails to back up the system state on a regular basis.

It's easy to repair the problem you have in a multi DC domain. I can do it in about five minutes w/ntdsutil. I've had to do it a couple of times when boneheads blow away DC's w/o demoting them first.

I don't think any method I know of is going to work for you.

You obviously think otherwise. This makes me wonder why you asked for help in the first place....

 

[Poontos]

"No company with competent Admins runs a 2k AD with less than two DC's. No company with competent admins fails to back up the system state on a regular basis."

I will go out on a limb and say the keyword here, is "competent". In the real world, not all are competent. This is why I am surprised that MS does not have a workaround for this problem.

The other keywords here are: I am simply trying to learn a bit about AD before one of my classes hits it head on. And, I ran into a problem and figured there was a solution. I respect your knowledge and others, but yourself (Saltin), SoulAssassin, etc. are not the only ones out there that are quite knowledgeable about AD.

Silly me to clarify and bump my message for more input.


"It's easy to repair the problem you have in a multi DC domain. I can do it in about five minutes w/ntdsutil. I've had to do it a couple of times when boneheads blow away DC's w/o demoting them first."

Which makes total sense to me, but not all are as compentent as you. Nor is my situation one that I would run into if I were to implement AD in the future. Because, as you know, redundancy is a crucial component to keeping things going.


"I don't think any method I know of is going to work for you."

Cool, I appreciate your time.

"You obviously think otherwise. This makes me wonder why you asked for help in the first place...."

I must be retard for seeking further input from more than two dudes on the Internet. Shame on me.

 

[Saltin]

<< I must be retard for seeking further input from more than two dudes on the Internet. Shame on me. >>



Don't be so hard on yourself.
It's not that you asked for more help, it's the fact that you laughed at the answers you recieved.

 

[Poontos]

<<

<< I must be retard for seeking further input from more than two dudes on the Internet. Shame on me. >>



Don't be so hard on yourself.
It's not that you asked for more help, it's the fact that you laughed at the answers you recieved. >>


Misunderstanding... I was laughing at what my apparent fate was going to be and the fact that MS did not have a logical/easy/straightforward resolution.

Sometimes you just have to laugh and move on with these types of problems. I was hoping for one last chance.

 

[SoulAssassin]

Just wanted to point out that in the time we spent discussing this, the OS could have been rebuilt and AD created many times over.

And just for the record, if this was a non-production box that didn't have many accounts/configuration changes/ect I would have still recommended just starting from scratch. Restoring AD from backup in a single DC environment is a major, major pain in the @ss. Once you get your DC back up and running backup the SS to disk (or tape if you have one) and try it. If your desire is to learn about AD then this is a good educational experience.

Once you do that, bring up a second machine as another DC. Play around w xferring roles to the other machine, setup replication, ect.

And next time, remember where you install AD.

..and remember, we're all here to help.