I'm in a bit of a bind here. Both of my Domain Controllers (DCs) lost connectivity to the SAN at the same time and they won't boot properly. For DC1, I tried recovery mode, cleared the ntds*.log, and used esentutl for repair, but nothing worked. The event viewer keeps showing that lsass is crashing. As for DC2, which is a core load without a GUI, recovery mode won't let me log in either, saying there's no "DC available to authenticate the password". I'm looking for ideas or suggestions on how to recover from this situation.
7 Answers
If you don’t have backups, it’s going to be a real challenge. Just keep in mind, you can rebuild since it’s a small network, but it’s super frustrating to lose everything due to missing backups.
You might want to check out this tool: u-tools.com/u-move. It can help import data from your NTDS file into a new Active Directory, so you won’t start from scratch.
Sorry you’re dealing with this. Let this be a lesson learned for future setups! You really need a better redundancy plan.
For DC2, try disconnecting the network cable and see if you can log in using cached credentials. After that, check your DNS settings and ensure it's pointing to itself as the primary server.
What server version are you running? It might help narrow down the recommendations.
It's 2022.
And remember, it’s crucial to have at least one DC using local storage to avoid these kinds of failures. But honestly, redundant SANs and backups are the way to go.
No backups? That's a tough spot to be in. Hopefully, you have something to fall back on, but if not, it could get messy during recovery.
Yeah, backups can seem overrated until you're in a situation like this. But honestly, restoring from a backup can be risky, especially if it's not up-to-date. You could end up tombstoning the domain!
Exactly! It’s just so annoying to lose user profiles and all that data. I could’ve sworn I was more careful.