I'm in a bit of a jam with my virtual domain controllers (DCs). Both of them lost connectivity to the SAN at the same time, and now they're not booting up correctly. For DC1, I've tried recovery mode, clearing the ntds*.log, and using esentutl for repairs, but no luck. It seems like lsass keeps crashing in repair mode according to the event viewer. DC2 is a core load without a GUI, and in recovery mode, I can't log in because it says there's no DC available to authenticate the password. Any advice on how to get these back online?
8 Answers
For DC2, try disconnecting the NIC and then see if you can log in with cached credentials. Also, double-check the DNS settings; it should list itself as the primary.
If you don't have those backups, I hate to say it, but it's going to be hard to get out of this one without starting fresh. It's frustrating when a simple oversight leads to this kind of headache.
What version of the server are you running?
It's 2022.
Do you have any backups? Because if not, you're really in a tough spot. Over time, storing backups has become essential for situations like these.
I guess OP thought backups weren't that important. Restoring a DC from a backup can be really tricky, especially if it's been a while since the last backup.
You might want to check out this tool: https://u-tools.com/u-move. It can import data from your NTDS file into a new Active Directory setup, so you won't have to start completely over.
And absolutely, next time, it's worth having at least one DC using local storage to avoid these kinds of failures.
Sorry to hear about your troubles! It's definitely a lesson learned. Now's the time to think about setting up a more resilient backup and redundancy plan.
It’s a small network, so I can always rebuild, but losing everything over something so avoidable is annoying. Plus, I don’t want to lose all the user profiles!