Cannot Login to private configuration server

[Dale Gibble]

Active Directory is damaged. I am trying to recover the DC by the boot
repair option. I get the messge that I cannot login to the private
configuration server because of unknown user or password. Also getting
error 0xc00002e1. How can I get my DC back in operation?

 

[Nino_1]

Active Directory is damaged.  I am trying to recover the DC by the boot
repair option.  I get the messge that I cannot login to the private
configuration server because of unknown user or password.  Also getting
error 0xc00002e1.  How can I get my DC back in operation?

Dale,


Sounds like the DSRM password is not correct, this is the PW when the
DC is brought online usually teh local admin password. Once you are
able to get in perform a soft recovery of the AD Database.

How to Recover the Database
To recover the database, follow these steps: 1. Click Start, click
Run, type ntdsutil in the Open box, and then press ENTER.
2. At the Ntdsutil command prompt, type files, and then press ENTER.
3. At the file maintenance command prompt, type recover, and then
press ENTER.
4. Type quit, and then press ENTER.
5. Restart the computer


Taken from technote >> http://support.microsoft.com/kb/816120/

HTH

Nino

 

[Nino_1]

Active Directory is damaged.  I am trying to recover the DC by the boot
repair option.  I get the messge that I cannot login to the private
configuration server because of unknown user or password.  Also getting
error 0xc00002e1.  How can I get my DC back in operation?

Forgot to mention, if your Ad is accessible from another DC you can
set the DSRM password as follows:

ntdsutil

set dsrm password

reset password on server <servername> (the name of the server that you
wish to change password on)

Taken from technote>> http://www.petri.co.il/change_recovery_console_password.htm

HTH

Nino

 

[Dale Gibble]

Thanks for the quick response! I ran the recover command and got a
response: "The volume does not contain a recognized file system - please
make sure that all the required file system drivers are loaded and the
volume is not corrupted" It the suggests running esentutl.exe. I started
the computer in domain controller recovery mode, safe mode does not seem to
want to start properly. I have run a 3 phase scan disk and recovered 3 bad
clusters.

Any more ideas?

Dale

Active Directory is damaged. I am trying to recover the DC by the boot
repair option. I get the messge that I cannot login to the private
configuration server because of unknown user or password. Also getting
error 0xc00002e1. How can I get my DC back in operation?

Dale,


Sounds like the DSRM password is not correct, this is the PW when the
DC is brought online usually teh local admin password. Once you are
able to get in perform a soft recovery of the AD Database.

How to Recover the Database
To recover the database, follow these steps: 1. Click Start, click
Run, type ntdsutil in the Open box, and then press ENTER.
2. At the Ntdsutil command prompt, type files, and then press ENTER.
3. At the file maintenance command prompt, type recover, and then
press ENTER.
4. Type quit, and then press ENTER.
5. Restart the computer


Taken from technote >> http://support.microsoft.com/kb/816120/

HTH

Nino

 

[Dale Gibble]

I just noticed that the file system that it is complaining about is drive F
which is a non functioning drive. Drive C did not get that error message.

Active Directory is damaged. I am trying to recover the DC by the boot
repair option. I get the messge that I cannot login to the private
configuration server because of unknown user or password. Also getting
error 0xc00002e1. How can I get my DC back in operation?

Dale,


Sounds like the DSRM password is not correct, this is the PW when the
DC is brought online usually teh local admin password. Once you are
able to get in perform a soft recovery of the AD Database.

How to Recover the Database
To recover the database, follow these steps: 1. Click Start, click
Run, type ntdsutil in the Open box, and then press ENTER.
2. At the Ntdsutil command prompt, type files, and then press ENTER.
3. At the file maintenance command prompt, type recover, and then
press ENTER.
4. Type quit, and then press ENTER.
5. Restart the computer


Taken from technote >> http://support.microsoft.com/kb/816120/

HTH

Nino

 

[Dale Gibble]

I guess the pertinent error is this: |Operation terminated with
error -550.(Jet_error database inconsistent)
database is in inconsistent state. How safe is the repair utility? It
says I could loose data.

Dale

Active Directory is damaged. I am trying to recover the DC by the boot
repair option. I get the messge that I cannot login to the private
configuration server because of unknown user or password. Also getting
error 0xc00002e1. How can I get my DC back in operation?

Dale,


Sounds like the DSRM password is not correct, this is the PW when the
DC is brought online usually teh local admin password. Once you are
able to get in perform a soft recovery of the AD Database.

How to Recover the Database
To recover the database, follow these steps: 1. Click Start, click
Run, type ntdsutil in the Open box, and then press ENTER.
2. At the Ntdsutil command prompt, type files, and then press ENTER.
3. At the file maintenance command prompt, type recover, and then
press ENTER.
4. Type quit, and then press ENTER.
5. Restart the computer


Taken from technote >> http://support.microsoft.com/kb/816120/

HTH

Nino

 

[Dale Gibble]

Rebooting into safe mode gives the following error:

lsass.exe - System error
Security Accounts Initialization manager failed because of the following
error: Directory Service cannot start. Error Status: 0xc00002e1. Please say
OK to shut down this system and log into Directory Services Restore Mode,
check event log for more detailed information.

Active Directory is damaged. I am trying to recover the DC by the boot
repair option. I get the messge that I cannot login to the private
configuration server because of unknown user or password. Also getting
error 0xc00002e1. How can I get my DC back in operation?

Forgot to mention, if your Ad is accessible from another DC you can
set the DSRM password as follows:

ntdsutil

set dsrm password

reset password on server <servername> (the name of the server that you
wish to change password on)

Taken from technote>>
http://www.petri.co.il/change_recovery_console_password.htm

HTH

Nino

 

[Ace Fekay [MVP Direcrtory Services]]

Active Directory is damaged. I am trying to recover the DC by the boot
repair option. I get the messge that I cannot login to the private
configuration server because of unknown user or password. Also getting
error 0xc00002e1. How can I get my DC back in operation?

Was something changed, installed or anything, on the DC prior to this
occuring? Was the default drive letter changed? Were any permissions on the
default drive, assuming C:, changed to perhaps increase security?

Take a look at this article:

"Directory Services cannot start" error message when you start your
Windows-based or SBS-based domain controller
http://support.microsoft.com/kb/258062


--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer

For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Infinite Diversities in Infinite Combinations

 

[Dale Gibble]

What was changed, was, a thumb drive was installed and then removed using
the remove aplet. However, when the computer crashed, it had dozens of
messages that the drive had been removed illegally. From then on, the
active directory did not work. Would it be worth the try to run dcpromo?

 

[Ace Fekay [MVP Direcrtory Services]]

What was changed, was, a thumb drive was installed and then removed using
the remove aplet. However, when the computer crashed, it had dozens of
messages that the drive had been removed illegally. From then on, the
active directory did not work. Would it be worth the try to run dcpromo?

Well, curious what was being performed especially concerning AD, while the
thumb drive was in? The error indicates a drive letter got messed up or
skewed. I can't see how the thumb drive would have done that. Can you get
into regular old safe mode, and not directory service recover mode? If so,
put the thumb drive back in and see if you can assign F: to it and restart.

As for demoting it, you can't get into it, so that's out of the question.
Even if you could, at this point it's pretty much hosed. As long as you can
recover or have the ability to reinstall any applications but at the same
time not lose any data the apps may have been using, my suggestion is to do
it right by reinstalling the OS, run a Metadata Cleanup to remove all
references of this DC from AD, that is all going on the assumption you only
more than just this one DC in the domain. If this is the only DC, do you
have a backup of C: drive and the system state?

Ace