I'm in a bit of a tough spot. Both my domain controllers (DCs) lost connectivity to the SAN at the same time, and now they're not booting up properly. For DC1, I've tried recovery mode, cleared the NTDS logs, and even attempted an esentutl repair, but nothing seems to work—event viewer shows that lsass is crashing. As for DC2, it's running a core load without a GUI, and I can't log in to recovery mode because it claims there's no DC available to authenticate the password. Does anyone have any ideas or suggestions to help?
7 Answers
Sorry to hear about your troubles! This definitely serves as a lesson learned. You might want to come up with a better redundancy plan for the future.
What version of the server are you running? Knowing this can help pinpoint potential issues you're facing.
Make sure for next time to have at least one DC that uses local storage to avoid issues with single points of failure.
Better yet, ensure you have redundant SANs or at least solid backups this time.
Without backups, you're pretty much without options. It's frustrating to deal with something that should've been preventable, especially if you could rebuild it.
It’s definitely annoying to lose everything, especially user profiles, over such a simple oversight.
You might need a tool like this one: https://u-tools.com/u-move. It can help import data from your NTDS file into a new Active Directory, saving you from a full rebuild.
Do you have any backups? If not, you're really in a pickle here. It's a good practice to always have recent backups for situations like this.
Yeah, sounds like you underestimated the importance of regular backups! Just remember, restoring a domain controller can be risky depending on when the last backup was taken.
For DC2, try disconnecting the NIC and see if you can log in with cached credentials. After that, make sure the DNS settings are correct, primarily that it's set to itself as the primary.
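The DNS check suggested in the answer above, as an added example that is not part of the original thread: a read-only PowerShell check for a Server Core DC that reports whether each adapter's first DNS server is one of the server's own addresses, and prints (without running) the command that would put its own address first. It assumes static IPv4 addressing; the variable names are illustrative.

```powershell
# Added example (not from the thread). Read-only: it changes no settings.
# Assumption: the DC uses static IPv4 addressing and the adapter lists its address.

# Every IPv4 address this server owns, including loopback 127.0.0.1.
$localIPs = @(Get-NetIPAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty IPAddress)

$report = foreach ($cfg in Get-DnsClientServerAddress -AddressFamily IPv4) {
    if (-not $cfg.ServerAddresses) { continue }   # adapter has no DNS servers set
    [pscustomobject]@{
        Interface      = $cfg.InterfaceAlias
        InterfaceIndex = $cfg.InterfaceIndex
        Primary        = $cfg.ServerAddresses[0]
        Servers        = $cfg.ServerAddresses
        PrimaryIsSelf  = $localIPs -contains $cfg.ServerAddresses[0]
    }
}

$report | Format-Table Interface, Primary, PrimaryIsSelf,
    @{ Name = 'Servers'; Expression = { $_.Servers -join ', ' } } -AutoSize

foreach ($row in $report | Where-Object { -not $_.PrimaryIsSelf }) {
    # This adapter's own address, which should come first in its DNS server list.
    $self = Get-NetIPAddress -InterfaceIndex $row.InterfaceIndex -AddressFamily IPv4 `
                -ErrorAction SilentlyContinue |
            Select-Object -First 1 -ExpandProperty IPAddress
    if (-not $self) {
        Write-Warning "$($row.Interface): no IPv4 address found; cannot suggest a fix."
        continue
    }

    # Own address first, then the servers already configured (minus any duplicate).
    $newList = @($self) + @($row.Servers | Where-Object { $_ -ne $self })

    Write-Warning "$($row.Interface): primary DNS is $($row.Primary), not this server."
    Write-Output ("Suggested: Set-DnsClientServerAddress -InterfaceIndex {0} -ServerAddresses {1}" -f
        $row.InterfaceIndex, ($newList -join ','))
}
```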
I’m on 2022.