No announcement yet.

Active Directory Kaput..

  • Filter
  • Time
  • Show
Clear All
new posts

  • Active Directory Kaput..

    Hey there,
    I'm posting up here because we've got an SBS server that's being a pain and although I think its start from scratch time it can't hurt to ask..please don't be put off by the big explanation, its all background and the actual issue is quite straight forward..

    The scenario is that we replaced a server a couple of months back. We did an SBS2003 clean build and migrated the network by detaching the PCs from the old domain and connecting to the new. A complete fresh start server wise.

    Another engineer did the build on the box, and I was there for the install job. Unfortunately neither of us checked the NTFRS logs otherwise we would have seen events 13552 and 13555 being logged right from the get go. Bugger!

    Oddly though, we installed the server and set up policies/login scripts with no trouble which confuses me. These event logs are what we see when NETLOGON and SYSVOL go awal, yet we were definitely using scripts from these shares during the install. In fact I could have sworn that when we've seen this problem before it prevents the server from starting up the domain services properly.

    So fast forward to today. The client calls and tells us that the server was off this morning. It is a HP ML350 G6 and the power status light was red. I was able to replicate this situation by turning everything off and then powering on the server whilst the UPS was doing a power on self test. So the first call is to swap out the UPS.

    Unfortunately, although the server booted fine this morning and the PCs could connect it seems that during the day Active Directory has fallen over. We're getting plenty of logs from all over the show saying that the domain is uncontactable/offline/unavailable etc.

    What is odd however is that the server starts up and we can log in to the domain, but things like Exchange won't start.

    PCs start up and login but can't get their profiles and when you try to access the shares the PC comes up with a security warning and prevents access to the share (I don't have the exact error).

    We do have a proper backup of the system state, however I suspect that restoring the system state will not resolve the 13555 and 13552 errors from NTFRS and it is possible that attempting to fix these is what knocked out Active Directory in the first place..

    So my questions:

    1) If we restore the system state, what are the chances of actually being able to resolve the NTFRS errors? I recreated the jetdb, tried D2 and D4 burflags and nothing made any difference. Oddly, when using burflags the system logged the two 13552 and 13555 messages, but in between the two it logged the successful version of 13552 saying that the sysvol was successfully shared. I checked and the sysvol share was not present alas.

    2) If we rebuild the server from scratch, can I selectively pull information out of the system state to rebuild active directory so we don't have to set up the PCs again without also bringing back the NTFRS errors?

  • #2
    Re: Active Directory Kaput..

    Well, I just wrote up a page and a half of ideas, then read you last lines and saw that you have tried the JetDB, Burflags and all that


    If you format and start again, I would not bring the AD accross (its sbs, cant be TOO big), as the risk vs reward is not worth it. The chance that you might have to rebuild the server a 3rd time is not worth the 1-2 hours that you would save.

    I have had the sysvol lose its network connections a few times, had it completely dissapper for no reason twice and always been able to restore it using the steps list in I would read over them again and see if there is anything thats missed.

    If you have to rebuild, SBS is normally small enough to just rebuild from bare metal (just find the documentation from the first install)

    Good to be back....


    • #3
      Re: Active Directory Kaput..

      Thanks for the reply, that document you linked is one that I went through a couple of times yesterday for good measure :/

      I didn't do the journal wrapping one because we're not seeing those errors but it might be worth a try. The problem with redoing it is not just the time to do the server, its the PCs afterwoods. Just because a network only has a few PCs doesn't mean they're not losing quite a lot of money by being unable to work..

      I do suspect it is going to have to be a rebuild though but I was hoping someone might have some other suggestions.

      One word - bugger!


      • #4
        Re: Active Directory Kaput..

        Big note for everyone with the same problem or anything else really that won't go away...remember the basics.

        This morning I got it fixed in a matter of minutes and the cure?

        chkdsk c: /f

        It found one error and inserted an index $0 in file 28, rebooted and everything was hunky dory.

        Jobs'a guddun!


        • #5
          Re: Active Directory Kaput..

          That's a good one.
          I am replying mainly to thank you for posting back your solution and to add to your "reputation points" for doing so.

          Steven Teiger [SBS-MVP(2003-2009)]

          Iím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

          We donít stop playing because we grow old, we grow old because we stop playing.


          • #6
            Re: Active Directory Kaput..

            Cheers, its a good place to hash out your thoughts. I keep going to reply to other posts to see if I can help but get beaten to it!