DC restored from backup having AD issues...

G

Guest

Our primary DC was hit by a rootkit and required formatting and restoration
from tape backup. Before doing so I transferred the Global Catalog role to
another DC in the domain, then demoted the infected DC to a member server and
removed it from the domain. The DC is back via a non-authoritative restore.
The copy of the AD on the newly restored DC is current, obviously receiving
replications from the other DCs. However, the newly restored DC cannot make
any changes to it's copy of the AD. Also, this DC can't be demoted because it
can't seem to "see " the other DCs (and within AD it isn't listed as one of
the Domain Controllers).
A tape backup of it's current System State failed due to

"Active Directory Service not responding."

Any suggestions?

Thanks!
 
S

sjungdahl

The DNS settings look good?

Our primary DC was hit by a rootkit and required formatting and restoration
from tape backup. Before doing so I transferred the Global Catalog role to
another DC in the domain, then demoted the infected DC to a member server and
removed it from the domain. The DC is back via a non-authoritative restore.
The copy of the AD on the newly restored DC is current, obviously receiving
replications from the other DCs. However, the newly restored DC cannot make
any changes to it's copy of the AD. Also, this DC can't be demoted because it
can't seem to "see " the other DCs (and within AD it isn't listed as one of
the Domain Controllers).
A tape backup of it's current System State failed due to

"Active Directory Service not responding."

Any suggestions?

Thanks!
Click to expand...
 
K

Kevin D. Goodknecht Sr. [MVP]

In
Triage said:
Our primary DC was hit by a rootkit and required
formatting and restoration from tape backup. Before doing
so I transferred the Global Catalog role to another DC in
the domain, then demoted the infected DC to a member
server and removed it from the domain. The DC is back via
a non-authoritative restore. The copy of the AD on the
newly restored DC is current, obviously receiving
replications from the other DCs. However, the newly
restored DC cannot make any changes to it's copy of the
AD. Also, this DC can't be demoted because it can't seem
to "see " the other DCs (and within AD it isn't listed as
one of the Domain Controllers).
Click to expand...

Of course not, you demoted it.
A tape backup of it's current System State failed due to

"Active Directory Service not responding."

Any suggestions?
Click to expand...

Because you demoted the DC out of the domain, the only way to bring it back
into the domain is to use DCPROMO to bring it back in. Do a force removal of
AD from it, then promote it into the domain. The restore may have worked had
you not already demoted it to a member.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Domain Controller Issue - Urgent Help 8
Disaster Recovery AD 1
Journal Wrap Error on Single DC Domain 10
Removing DC from the domain 1
DC failure 1
How to restore AD in a Disaster Recovery Scenario 2
trouble after DC restore 1
Disaster Recovery AD 2

Top