I'm in a bit of a jam with my two domain controllers (DCs) both losing connectivity to the SAN at the same time, and now neither will boot normally. For DC1, I tried recovery mode, cleared the ntds*.log, and used esentutl for repair, but no luck; it just keeps saying that lsass is crashing in repair mode. For DC2, it's running a core load without a GUI, and even in recovery mode, I can't log in because it says no DC is available to authenticate the password. Any ideas or suggestions on how to recover?
7 Answers
That's rough, man. Definitely a lesson learned here: come up with a resilience plan next time. It’s better to be safe than sorry and avoid relying solely on one SAN.
Also, going forward, at least one DC should definitely use local storage to avoid that single point of failure. It just makes sense to have a backup plan like redundant SANs.
For DC2, try disconnecting the NIC. Then see if you can log in with cached credentials. After that, don’t forget to check the DNS settings to make sure the DC has itself set as the primary.
If you don’t have backups, then you might be in a really tough spot. If it's a small network, though, maybe it’s manageable to rebuild it? Still super annoying to lose user profiles and everything over an oversight like that.
Totally get it. Losing user profiles is majorly frustrating!
Do you have any backups? Because if not, you might be in real trouble here. It's kind of a big deal when it comes to domain controllers. Without those backups, you're really going to struggle to recover anything in a way that won't cause even more issues down the line.
Yeah, I can see how backups can feel overrated, but they're crucial. If you don’t have a recent backup, restoring might risk tombstoning the domain, which is a whole other mess.
Have you checked out 'U-Move'? It’s a tool that can help you import data from your NTDS file into a fresh Active Directory setup, so you might not have to start completely from scratch.
What server version are you running? It might help narrow down some recovery options.
It's Windows Server 2022.
Exactly! Redundant setups can save you a lot of headaches.