[ritec]

So we have been having lots of issues lately with our Primary Domain Controller. response has been sluggish until the server needs to be hard rebooted using the button as nothing else will work.

Unfortunately today I came to work and even more things were broken and it seems like authentication is no longer working for sharepoint and other services that authenticate through the PDC. Also I can't log in to the PDC through RDP as it says:

"The system cannot log you on due to the following error: the specified domain either does not exist or could not be contacted. Please try agian or consult your systems admin"
Unfortunately I am the Systems Admin ha.

When I use the netshare command I do not see SYSVOL or NETLOGON shared and the SYSVOL folder seems to be empty?

I also tried to debug using dcdiag and I receive the following failed tests:

Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\ NJMTS01 \ netlogon)

[NJMTS01] An net use or LsaPolicy operation failed with error 1203, No network provider accepted the given network path..
......................... NJMTS01 failed test NetLogons

Starting test: Advertising
Fatal ErrorsGetDcName (NJMTS01) call failed, error 1355
The Locator could not find the server.
......................... NJMTS01 failed test Advertising


Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... NJMTS01 failed test frsevent


Starting test: systemlog
An Error Event occured. EventID: 0x00000423
Time Generated: 12/12/2011 16:47:44
Event String: The DHCP service failed to see a directory server
......................... NJMTS01 failed test systemlog

Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... mateso.local failed test FsmoCheck

Any ideas?

Authoritative restore?

Thanks!

[biggles77]

Is this your only DC?
Do you have current backups?
Have these backups been tested?
Have you run any A/V, Malware/Spyware/RootKit scan lately?
How old is the hardware?
What Server O/S are you running? 2000 or 2003?

[ritec]

Sorry for the ddelay... so I was able to recover my domain.

Here is how I fixed all the issues I was having with my Primary Domain controller running Windows Server 2003 32 bit Standard Edition.

The root of the cause was a missing Sysvol SHARE and presumably because FSR stopped working.

The problem was resolved by re-Creating the Sysvol share from backup (luckily) and doing an FSR Authoritative restore from the PDC where the sysvol folder was restored. Minutes after doing the Authoritative restore on the PDC I also did a Non Authoritative FRS restore on the Other domain controllers and everything magically started working again.

If you are wondering how to do the Authoritative restores this is what I did:

To complete an authoritative restore, stop the FRS service, configure the
BurFlags
registry key, and then restart the FRS service. To do so:

1. Click Start, and then click Run.
2. In the Open box, type cmd and then press ENTER.
3. In the Command box, type net stop ntfrs.
4. Click Start, and then click Run.
5. In the Open box, type regedit and then press ENTER.
6. Locate the following subkey in the registry: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servic es\NtFrs\Parameters\Backup/Restore\Process at Startup
   
7. In the right pane, double click BurFlags.
8. In the Edit DWORD Value dialog box, type D4 and then click OK.
9. Quit Registry Editor, and then switch to the Command box.
10. In the Command box, type net start ntfrs.
11. Quit the Command box.

For the Non authoritative FSR restore on the NONE PrimaryDomain Controllers I fo0llowed the same procedure as above but with the D2 flag instead of D4 on the registry.

Hope this helps someone some day.

cheers!

[biggles77]

Well done on having a backup!! They do tend to save a huge amount of work and Thank You for posting back and sharing your solution with the rest of the Community. It really is appreciated!