DC restored from backup having AD issues...

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Our primary DC was hit by a rootkit and required formatting and restoration
from tape backup. Before doing so I transferred the Global Catalog role to
another DC in the domain, then demoted the infected DC to a member server and
removed it from the domain. The DC is back via a non-authoritative restore.
The copy of the AD on the newly restored DC is current, obviously receiving
replications from the other DCs. However, the newly restored DC cannot make
any changes to it's copy of the AD. Also, this DC can't be demoted because it
can't seem to "see " the other DCs (and within AD it isn't listed as one of
the Domain Controllers).
A tape backup of it's current System State failed due to

"Active Directory Service not responding."

Any suggestions?

Thanks!

--
"I enjoyed my youth so much that I decided to bring it along with me."
-G.C.
2 answers Last reply
More about restored backup issues
  1. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    The DNS settings look good?

    On Sat, 26 Mar 2005 20:45:01 -0800, Triage
    <Triage@discussions.microsoft.com> wrote:

    >Our primary DC was hit by a rootkit and required formatting and restoration
    >from tape backup. Before doing so I transferred the Global Catalog role to
    >another DC in the domain, then demoted the infected DC to a member server and
    >removed it from the domain. The DC is back via a non-authoritative restore.
    >The copy of the AD on the newly restored DC is current, obviously receiving
    >replications from the other DCs. However, the newly restored DC cannot make
    >any changes to it's copy of the AD. Also, this DC can't be demoted because it
    >can't seem to "see " the other DCs (and within AD it isn't listed as one of
    >the Domain Controllers).
    >A tape backup of it's current System State failed due to
    >
    >"Active Directory Service not responding."
    >
    >Any suggestions?
    >
    >Thanks!


    ----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
    http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
    ----= East and West-Coast Server Farms - Total Privacy via Encryption =----
  2. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    In news:7519DF01-4027-414D-BAB4-1328A95CBDD8@microsoft.com,
    Triage <Triage@discussions.microsoft.com> commented
    Then Kevin replied below:
    > Our primary DC was hit by a rootkit and required
    > formatting and restoration from tape backup. Before doing
    > so I transferred the Global Catalog role to another DC in
    > the domain, then demoted the infected DC to a member
    > server and removed it from the domain. The DC is back via
    > a non-authoritative restore. The copy of the AD on the
    > newly restored DC is current, obviously receiving
    > replications from the other DCs. However, the newly
    > restored DC cannot make any changes to it's copy of the
    > AD. Also, this DC can't be demoted because it can't seem
    > to "see " the other DCs (and within AD it isn't listed as
    > one of the Domain Controllers).

    Of course not, you demoted it.

    > A tape backup of it's current System State failed due to
    >
    > "Active Directory Service not responding."
    >
    > Any suggestions?

    Because you demoted the DC out of the domain, the only way to bring it back
    into the domain is to use DCPROMO to bring it back in. Do a force removal of
    AD from it, then promote it into the domain. The restore may have worked had
    you not already demoted it to a member.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
Ask a new question

Read More

Domain Backup Active Directory Windows