message "Herb Martin" wrote:
in
message I have a DC that I cannot access. I am not sure what exactly
happened,
but
I
now get a message at login that indicates that interactive logins
are
not
allowed. The server is running fine, so I am relunctant to
anything
rash
right now. I can login in safe mode using the directory rebuild
for
DCs.
Notice that this is NOT really the same as safe mode:
Directory Service Restore mode uses a "local" admin
account that is NOT in AD, but equivalent to a server
specific user like on a non-DC.
Are you using THE Administrator account for the domain
on the normal login (it shouldn't really be better than any
other admin account but do take that variable out of the
equation.)
Yes, I am logging in as administrator.
It would be clearer if you would say THE Administrator (with or
without the capitalization.) Or more specifically failing to logon
as the adminster of the domain, but succeeding with the DS restore
(local) administrator account.
Can you logon in any other (true) Safe mode, especially
Safe Mode with Networking?
I tried straight Safe Mode and could not login.
I am curious if I can:
reinstall AD and, subsequently, set this server backup as a DC.
I took this to mean re-install the DC since you cannot logon
to the DC, you cannot MERELY DCPromo to non-DC.
Well, sure, but that loses the DC/server; this is always possible
but usually not desirable.
All I want to do is to be able to login to the server and not the
domain.
This server has SQL and some Dbs on it. It really did not need to be
a
DC.
The problem is getting you a place to do the DCPromo.
I think I might try a REPAIR INSTALL.
Can you access this machine with any REMOTE tools?
e.g., AD Users and Computers with THIS server specified?
Or any other remote MMC connection to it?
uninstall and add the server to another domain (with an NT ?).
simply add the server to the other domain.
As long as it is not a DC you can certainly do this.
Can I do this to get a login, even with the DC loaded?
That's the issue. You first need to logon to it.
What had you done to it, or Group Policy etc., prior to this
problem?
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]