Active Directory install crashes computer

[JasonC]

I cannot find a single instance of anybody ever having this
problem but it is a SERIOUS pain in the neck.


Here's what happens - I go to install Active Directory (on
win2k server) through the Configure Your Server icon in
Administrative Tools. It asks me some initial questions,
the first I answer "Domain controller for a new domain."
The second, I answer "Create a new domain tree." Then
after answering the third page of the wizard, "Create a
new forest.." and clicking next - it waits a few seconds,
then shows me another page, but IMMEDIATELY gives me this
message:


[SOMETHING ABOUT NT AUTHORITY]
SHUTDOWN TIME: 00:60 [AND COUNTS DOWN FROM 60 SECONDS]
THE SYSTEM PROCESS 'C:\WINNT\SYSTEM32\SERVICES.EXE'
TERMINATED UNEXPECTEDLY WITH STATUS CODE 128. THE SYSTEM
WILL NOW SHUTDOWN & RESTART.



!!!! - It happens every single time I do this...no other
time does it ever do it. I am running SERVICE PACK 4 and
have ALL of the latest updates from the Windows update
site.

How come I can't find anybody else having the same
issue?? This has to be a known problem..my computer is
clean and works perfect in every other area.

And the only reason I want A.D. is because RIS apparently
won't finish setup without a domain controller. Maybe I
do not even need this step?

JasonC

 

[Ace Fekay [MVP]]

In

I cannot find a single instance of anybody ever having this
problem but it is a SERIOUS pain in the neck.


Here's what happens - I go to install Active Directory (on
win2k server) through the Configure Your Server icon in
Administrative Tools. It asks me some initial questions,
the first I answer "Domain controller for a new domain."
The second, I answer "Create a new domain tree." Then
after answering the third page of the wizard, "Create a
new forest.." and clicking next - it waits a few seconds,
then shows me another page, but IMMEDIATELY gives me this
message:


[SOMETHING ABOUT NT AUTHORITY]
SHUTDOWN TIME: 00:60 [AND COUNTS DOWN FROM 60 SECONDS]
THE SYSTEM PROCESS 'C:\WINNT\SYSTEM32\SERVICES.EXE'
TERMINATED UNEXPECTEDLY WITH STATUS CODE 128. THE SYSTEM
WILL NOW SHUTDOWN & RESTART.



!!!! - It happens every single time I do this...no other
time does it ever do it. I am running SERVICE PACK 4 and
have ALL of the latest updates from the Windows update
site.

How come I can't find anybody else having the same
issue?? This has to be a known problem..my computer is
clean and works perfect in every other area.

And the only reason I want A.D. is because RIS apparently
won't finish setup without a domain controller. Maybe I
do not even need this step?

JasonC

Did RIS not cancel out correctly? Try dcpromo from a Run command instead of
using the config your machine wizard.

This also sounds like the sasser worm. What's in your Run key in the reg?

http://forum.gladiator-antivirus.com/index.php?showtopic=14497

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[JasonC]

-----Original Message-----
In JasonC <[email protected]> made a post then I commented
below

I cannot find a single instance of anybody ever having this
problem but it is a SERIOUS pain in the neck.


Here's what happens - I go to install Active Directory (on
win2k server) through the Configure Your Server icon in
Administrative Tools. It asks me some initial questions,
the first I answer "Domain controller for a new domain."
The second, I answer "Create a new domain tree." Then
after answering the third page of the wizard, "Create a
new forest.." and clicking next - it waits a few seconds,
then shows me another page, but IMMEDIATELY gives me this
message:


[SOMETHING ABOUT NT AUTHORITY]
SHUTDOWN TIME: 00:60 [AND COUNTS DOWN FROM 60 SECONDS]
THE SYSTEM PROCESS 'C:\WINNT\SYSTEM32\SERVICES.EXE'
TERMINATED UNEXPECTEDLY WITH STATUS CODE 128. THE SYSTEM
WILL NOW SHUTDOWN & RESTART.



!!!! - It happens every single time I do this...no other
time does it ever do it. I am running SERVICE PACK 4 and
have ALL of the latest updates from the Windows update
site.

How come I can't find anybody else having the same
issue?? This has to be a known problem..my computer is
clean and works perfect in every other area.

And the only reason I want A.D. is because RIS apparently
won't finish setup without a domain controller. Maybe I
do not even need this step?

JasonC

Did RIS not cancel out correctly? Try dcpromo from a Run command instead of
using the config your machine wizard.

This also sounds like the sasser worm. What's in your Run key in the reg?

http://forum.gladiator-antivirus.com/index.php? showtopic=14497

I am not sure what you mean about RIS not cancelling out
correctly. What I had done was started setting up RIS,
and then when I got to the part where I configure it
(after reboot) it gave me the error about no domain
controller or whatever. DOES IT EVEN NEED ONE? Then
after I tried and failed to install AD several times, I
decided to remove RIS - so I did that and A.D. still does
the same thing.

I just tried dcpromo and it did the same thing. I checked
that forum and looked for the file and the addition to the
run key in the registry and neither of them are there. I
also ran an online virus scan which came up clean and an
online parasite scan which also came up clean. I've also
run some other local parasite scanning and removing tools
and nothing comes up, short of maybe a few cookies of
course.

I am totally up to date with all of the latest updates.
So what could be doing this? Do I have to have an Active
Directory running to have a domain controller on here? Or
do I even need to have those to get RIS running in the
first place?

Thanks for your help.
Jason

 

[Ace Fekay [MVP]]

In

I am not sure what you mean about RIS not cancelling out
correctly. What I had done was started setting up RIS,
and then when I got to the part where I configure it
(after reboot) it gave me the error about no domain
controller or whatever. DOES IT EVEN NEED ONE? Then
after I tried and failed to install AD several times, I
decided to remove RIS - so I did that and A.D. still does
the same thing.

I just tried dcpromo and it did the same thing. I checked
that forum and looked for the file and the addition to the
run key in the registry and neither of them are there. I
also ran an online virus scan which came up clean and an
online parasite scan which also came up clean. I've also
run some other local parasite scanning and removing tools
and nothing comes up, short of maybe a few cookies of
course.

I am totally up to date with all of the latest updates.
So what could be doing this? Do I have to have an Active
Directory running to have a domain controller on here? Or
do I even need to have those to get RIS running in the
first place?

Thanks for your help.
Jason

Actually, yes, RIS does require AD. I thought maybe trying to install RIS
prior to AD would cause a problem. Haven't seen this scenario before, other
than the LSAS service crashing due to the Sasser worm. Did you also run
stinger by chance?

Did you try to run dcpromo without the configure server wizard? Run it that
way. See these links to help with logging to aid in troublshooting:
http://www.jsiinc.com/SUBK/tip5400/rh5434.htm
http://support.microsoft.com/?kbid=221254

There's this multi step method to manually remove a DC that a colleague
created. I know you don't have a DC, but maybe there's a service or reg
entry that can cause this as well. Try the above stuff first, and if that
doesn't help, I'll post those steps for you and you can check your machine
for these entries so you can delete/modify them.


Ace

 

[JasonC]

-----Original Message-----
In JasonC <[email protected]> made a post then I commented
below

Actually, yes, RIS does require AD. I thought maybe trying to install RIS
prior to AD would cause a problem. Haven't seen this scenario before, other
than the LSAS service crashing due to the Sasser worm. Did you also run
stinger by chance?

Did you try to run dcpromo without the configure server wizard? Run it that
way. See these links to help with logging to aid in troublshooting:
http://www.jsiinc.com/SUBK/tip5400/rh5434.htm
http://support.microsoft.com/?kbid=221254

There's this multi step method to manually remove a DC that a colleague
created. I know you don't have a DC, but maybe there's a service or reg
entry that can cause this as well. Try the above stuff first, and if that
doesn't help, I'll post those steps for you and you can check your machine
for these entries so you can delete/modify them.

No sasser worm and I ran Stinger to make sure. I didn't
run the configure your server wizard these last few times
either -just ran dcpromo from the run box like you said
to. I edited the registry so the dcpromoui.log would be
most detailed like it said on those pages. So now I have
a log file up on our web site for you to look at if you'd
like:

http://www.olsonives.com/test/dcpromoui.log

Perhaps your collegue's instructions can help me.

Thanks,
Jason

 

[Ace Fekay [MVP]]

In

No sasser worm and I ran Stinger to make sure. I didn't
run the configure your server wizard these last few times
either -just ran dcpromo from the run box like you said
to. I edited the registry so the dcpromoui.log would be
most detailed like it said on those pages. So now I have
a log file up on our web site for you to look at if you'd
like:

http://www.olsonives.com/test/dcpromoui.log

Perhaps your collegue's instructions can help me.

Thanks,
Jason

Thanks for making that available. Kind of difficult to read since it caused
it to wrap. It looks good, but then again, just parsing thru it for errors,
and don't see any. Maybe if someone else here can glance at it.

Here are those steps. Maybe follow these steps to 'clean' it up if anything
got left behind from the prior promotion attempts.

13 easy steps.
1) On another DC in the domain run NTDSUTIL to move the FSMO's, er seize
them! DOH. (If this is the only DC, then don't worry about it)
2) Make sure DNS is 100% solid on the working DC. (If only one DC, don't
worry about it for now, but configure it correctly before promoting it to a
new DC).
3) Make sure working DC is also a GC. (If just one DC, don't worry about
it).
4) Boot corrupted DC into DSRM, edit the registry change
HKLM\SYSTEM\CCS\Control\ProductOptions change the ProductType value from
LanmanNT to ServerNT. This key dictates if the machine is a DC or jus a
server. ServerNT means it's not a DC.
5)Command prompt > net stop ntfrs to stop FRS.
6) Delete the Winnt\Sysvol and NTDS directories.
7) Reboot the now former DC
8) Log into the now member server. Change it to a stand alone, by joining a
workgroup (My Computer Properties, Network ID tab, remove it from the old
domain).
9) Reboot the now stand alone server.
10) If there is only one DC in the domain, skip this step, otherwise, on the
good DC delete the disabled computer account for the old, now defunct DC.
11) Now on this new stand alone machine, set the Primary DNS Suffix to the
new domain name that you want (In My Computer. Properties, Network ID Tab,
Properties, More,). Reboot.
12. Make sure that DNS is configured with the new domain name and updates
set to YES.
13. Run DCPROMO to create a new domain or join the domain/tree/forest again.
Reboot.

Ace

 

[JasonC]

Ace - I got it working! I had to skip a lot of steps you
listed, and when I tried a few of the others they weren't
that useful because for example, when I went to change
that registry entry, it was already what it should have
been. The directories to be deleted were not there, etc.

But something that I did fixed it. I believe it was
either the adding the domain suffix, or setting up DNS.
You should keep this on hand in case anyone else comes
across this problem.

Thanks A LOT!

Jason

 

[Ace Fekay [MVP]]

In

Ace - I got it working! I had to skip a lot of steps you
listed, and when I tried a few of the others they weren't
that useful because for example, when I went to change
that registry entry, it was already what it should have
been. The directories to be deleted were not there, etc.

But something that I did fixed it. I believe it was
either the adding the domain suffix, or setting up DNS.
You should keep this on hand in case anyone else comes
across this problem.

Thanks A LOT!

Jason

My pleasure!

Adding the suffix? Hmm, I should have maybe asked for an ipconfig /all to
take a closer look! Yes, the Priomary DNS Suffix is what the netlogon
service looks for to register that name into the DNS server configured in IP
properties.

Glad you got it fixed!

Ace