Sign in with
Sign up | Sign in
Your question

DC restored from backup having AD issues...

Last response: in Windows 2000/NT
Share
March 27, 2005 12:45:01 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Our primary DC was hit by a rootkit and required formatting and restoration
from tape backup. Before doing so I transferred the Global Catalog role to
another DC in the domain, then demoted the infected DC to a member server and
removed it from the domain. The DC is back via a non-authoritative restore.
The copy of the AD on the newly restored DC is current, obviously receiving
replications from the other DCs. However, the newly restored DC cannot make
any changes to it's copy of the AD. Also, this DC can't be demoted because it
can't seem to "see " the other DCs (and within AD it isn't listed as one of
the Domain Controllers).
A tape backup of it's current System State failed due to

"Active Directory Service not responding."

Any suggestions?

Thanks!

--
"I enjoyed my youth so much that I decided to bring it along with me."
-G.C.

More about : restored backup issues

Anonymous
March 27, 2005 4:01:07 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

The DNS settings look good?

On Sat, 26 Mar 2005 20:45:01 -0800, Triage
<Triage@discussions.microsoft.com> wrote:

>Our primary DC was hit by a rootkit and required formatting and restoration
>from tape backup. Before doing so I transferred the Global Catalog role to
>another DC in the domain, then demoted the infected DC to a member server and
>removed it from the domain. The DC is back via a non-authoritative restore.
>The copy of the AD on the newly restored DC is current, obviously receiving
>replications from the other DCs. However, the newly restored DC cannot make
>any changes to it's copy of the AD. Also, this DC can't be demoted because it
>can't seem to "see " the other DCs (and within AD it isn't listed as one of
>the Domain Controllers).
>A tape backup of it's current System State failed due to
>
>"Active Directory Service not responding."
>
>Any suggestions?
>
>Thanks!


----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
Anonymous
March 27, 2005 6:14:55 AM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

In news:7519DF01-4027-414D-BAB4-1328A95CBDD8@microsoft.com,
Triage <Triage@discussions.microsoft.com> commented
Then Kevin replied below:
> Our primary DC was hit by a rootkit and required
> formatting and restoration from tape backup. Before doing
> so I transferred the Global Catalog role to another DC in
> the domain, then demoted the infected DC to a member
> server and removed it from the domain. The DC is back via
> a non-authoritative restore. The copy of the AD on the
> newly restored DC is current, obviously receiving
> replications from the other DCs. However, the newly
> restored DC cannot make any changes to it's copy of the
> AD. Also, this DC can't be demoted because it can't seem
> to "see " the other DCs (and within AD it isn't listed as
> one of the Domain Controllers).

Of course not, you demoted it.

> A tape backup of it's current System State failed due to
>
> "Active Directory Service not responding."
>
> Any suggestions?

Because you demoted the DC out of the domain, the only way to bring it back
into the domain is to use DCPROMO to bring it back in. Do a force removal of
AD from it, then promote it into the domain. The restore may have worked had
you not already demoted it to a member.



--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
!