lsass.exe - System Error : Security Accounts Manager initialization failed because of the following error: Directory Service cannot start. Error Status: 0xc00002e1. Please click OK to shutdown this system and reboot into Directory Services Restore Mode, check the event log for more detailed information.
Directory Services Restore Mode??? I though this must be pretty bad, and I was right.. the Active Directory database was corrupt, I thought OK I'll get them to restore the system state from last nights backup.... They don't do backups, after a few harsh words with them I knew I'd have to do it the hard way. I have actually done this before a few years back with 2000 Server but this is 2008, luckily the same procedure but it took me a while to remember what i needed to do so here's the general jist for future reference.
On startup press F8 and enter the system via the "Active Directory Restore" option.
When asked for the Username and password enter "Administrator" and the Active Directory Restore Password, this should be listed in the password file and would have been set up when the domain controller was first promoted.
Step 1
- Once the system has booted, go to start -> Run and type "cmd" to go to the command prompt
- In the Command Prompt type "ntdsutil.exe" and press enter to go into the Active Directory Restore program.
- Type "Files" and press enter then type "Info" and press enter this will give you the current location of the NTDS Datastore and should read something like "C:\Windows\NTDS\"
- On the file list given make sure that the following files are present
- NTDS.dit, DSADATA.bak, res2.log res1.log, and edb.log
- Find the file edb.chk under the file path given and rename it to edb.old reboot the machine and see if it boots, if not go to step 2
- Boot back into Active Directory Restore mode (as above) and open up another command prompt window (Start->Run->cmd)
- Type the following command to repair any corrupted database files
- ESENTUTL /g \ntds\NTDS.dit /!10240 /8 /v /x /o Exchange the for whatever the NTDS folder was displayed as previously, e.g. ESENTUTL /g C:\windows\ntds\NTDS.dit /!10240 /8 /v /x /o
- If you recieve a "jet_error" or a "database corrupt" error then go back into the NTDSUtil program to repair it as follow
- From the command prompt type
- NTDSUtil
- Type "Files" and press enter
- Type "recover" and press enter
- This will repair and damaged files in the Active Directory, after this type "Quit" and press enter then "Quit" and press enter again.
- Use the ESENTUTL again to attempt to repair the database again e.g.
ESENTUTL /g \ntds\NTDS.dit /!10240 /8 /v /x /o - If you still recieve an error goto Step 3 otherwise reboot and try again.
- Move all of the .log files from the NTDS folder to a seperate folder (you can delete this later if it works)
- Go to the command prompt and enter the NTDSUtil again
- Type "Files" and press Enter
- Type "integrity" and press Enter
- This will attempt to repair the database without any of the previous transactions stored in the log files (it's probably whatever is in the log file is corrupting the database)
- Type "Quit" and press enter
- Type "Semantic Database Analysis" and press enter
- Type "Go" and press enter, this will give a quick check of the files again
- If errors still occur at this stage then type "Go Fix" and press enter
- Type "Go" and press enter again, this should now have no errors
- Reboot the system and it should now work.
No comments:
Post a Comment