Disaster Recovery of Windows 2000 Server Active Directory


S

Scott Buerkley

Our 1st active directory server went down. The hard drive that had the OS
on it failed. We have a 2nd Win 2000 server that has Active directory on
it. We have a 3rd server with Exchange server 2000. The computers are
connecting to the network and the drive mappings are working. When we go
into Active Directory Users and Computers on the 2nd active directory server
it all looks fine. But we get the following error message when we go into
We get the following error message Active Directory Users and Computers on
the W2k server runing Exchange. "Naming information can not be located
because: The serve is not operational. Please see you system
administrator..."

I there a way to make the 2nd Active directory serve take control of the
Active directory, or should I setup another server with the same name and do
a system restore to try to get the active directory running again?

Thx,
Scott Buerkley
 
Ad

Advertisements

T

Tomasz Onyszko

Scott said:
Our 1st active directory server went down. The hard drive that had the OS
on it failed. We have a 2nd Win 2000 server that has Active directory on
it. We have a 3rd server with Exchange server 2000. The computers are
connecting to the network and the drive mappings are working. When we go
into Active Directory Users and Computers on the 2nd active directory server
it all looks fine. But we get the following error message when we go into
We get the following error message Active Directory Users and Computers on
the W2k server runing Exchange. "Naming information can not be located
because: The serve is not operational. Please see you system
administrator..."

I there a way to make the 2nd Active directory serve take control of the
Active directory, or should I setup another server with the same name and do
a system restore to try to get the active directory running again?
If You don't have the backup copy of this 1'st DC and You are not able
to recover it form disaster seize FSMO roles with ntdsutil as described
in this KB article:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;255504
 
M

Mark Renoden [MSFT]

Hi Scott

I think the action plan to recover from this point depends on whether or not
you have a good backup of the failed server. Given that you have a second
DC working properly, it might be worth cleaning up the current configuration
and rebuilding the original DC from scratch. As Tomasz suggested, the first
step would be to seize the FSMO roles using

255504 Using Ntdsutil.exe to Seize or Transfer FSMO Roles to a Domain
Controller
http://support.microsoft.com/?id=255504

Second, I'd ensure that the working DC is running DNS, has a good copy of
the zone that represents your internal name space and that all clients and
servers use this DC as the preferred DNS server.

To address the issue you have accessing Active Directory Users and Computers
from the Exchange server; it might be the case that you it configured to
specifically point to the failed server. If you open Active Directory Users
and Computers, you'll probably notice the name of the DC you are connecting
to. If you right-click Active Directory Users and Computers in the console,
you'll have the option to connect to a different DC.

The next step would be to clean up the Active Directory to remove the
existance of the failed DC. You can do this by following:

216498 HOW TO: Remove Data in Active Directory After an Unsuccessful Domain
http://support.microsoft.com/?id=216498

Once these steps have been taken, you should be able to rebuild the failed
DC from scratch, join the domain and promote it again.

While this is generally a good approach, it's often better in this situation
to log a case with support and obtain advice specific to your issue.

Kind regards

--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: (e-mail address removed)

Please note you'll need to strip ".online" from my email address to email
me; I'll post a response back to the group.

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Ad

Advertisements

S

Scott Buerkley

Thank you both. I seized the FSMO onto the AD server that was still running
per the kb 255504. Then setup AD on another server also and set the 2nd AD
server to store the global catalog and it is all working great.

Thanks for all your help!!!

Thx,
Scott Buerkley


Mark Renoden said:
Hi Scott

I think the action plan to recover from this point depends on whether or not
you have a good backup of the failed server. Given that you have a second
DC working properly, it might be worth cleaning up the current configuration
and rebuilding the original DC from scratch. As Tomasz suggested, the first
step would be to seize the FSMO roles using

255504 Using Ntdsutil.exe to Seize or Transfer FSMO Roles to a Domain
Controller
http://support.microsoft.com/?id=255504

Second, I'd ensure that the working DC is running DNS, has a good copy of
the zone that represents your internal name space and that all clients and
servers use this DC as the preferred DNS server.

To address the issue you have accessing Active Directory Users and Computers
from the Exchange server; it might be the case that you it configured to
specifically point to the failed server. If you open Active Directory Users
and Computers, you'll probably notice the name of the DC you are connecting
to. If you right-click Active Directory Users and Computers in the console,
you'll have the option to connect to a different DC.

The next step would be to clean up the Active Directory to remove the
existance of the failed DC. You can do this by following:

216498 HOW TO: Remove Data in Active Directory After an Unsuccessful Domain
http://support.microsoft.com/?id=216498

Once these steps have been taken, you should be able to rebuild the failed
DC from scratch, join the domain and promote it again.

While this is generally a good approach, it's often better in this situation
to log a case with support and obtain advice specific to your issue.

Kind regards

--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: (e-mail address removed)

Please note you'll need to strip ".online" from my email address to email
me; I'll post a response back to the group.

This posting is provided "AS IS" with no warranties, and confers no rights.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads


Top