Restoring 2012 Domain Controller VM
When doing a full VMware virtual machine restore of a Windows Server 2012 Domain Controller, the restore complete successfully and the VM boot up correctly but none of DC services work. i’m not able to login to the DC server, get the error ” There are currently no logon servers available to service the logon request.” I can only login to the server if I boot into safe mode.
did a couple of restores of different 2012 domain controllers and all came back with the same errors. the ones that allowed me to login gave this error when opening any DC service ” the configuration information describing this enterprise is not available. the specified domain either does not exist or could not be contacted.” very weird I made sure DC is not booting into recovery mode and rebooted multiple times.
was wondering if anyone saw this error? i’m still waiting on support to get back to me, but thought it might be faster to post here.
http://www.veeam.com/kb_articles.html/kb1277
http://www.veeam.com/kb_articles.html/kb1280
boot the machine up in dsrm
1 |
bcdedit /set safeboot dsrepair |
log in with ds repair mode password .\Administrator
run the bcdedit command to set and remove dsrepair mode
1 |
bcdedit /deletevalue safeboot |
1 |
net stop ntfrs |
Open regedit, Browse to the following extension:
1 |
HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters |
Add the following dword (32 bit) value: Repl Perform Initial Synchronizations
And leave this set to 0.
http://www.veeam.com/kb_articles.html/kb1280
then open regedit and expand:
1 |
HKLM\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup |
Set the burflags to d2 (sometimes you will have to use d4, but only do this in isolated network or it will overwrite other DC’s during replication)
reboot
Reset the DSRM administrator password
- Click Start > Run, type ntdsutil, and then click OK.
- At the Ntdsutil command prompt, type set dsrm password.
- At the DSRM command prompt, type one of the following lines:
- To reset the password on the server on which you’re working, type reset password on server null. The null variable assumes that the DSRM password is being reset on the local computer. Type the new password when you’re prompted. Note that no characters appear while you type the password.
-or-
- To reset the password for another server, type reset password on server servername, where servername is the DNS name for the server on which you’re resetting the DSRM password. Type the new password when you’re prompted. Note that no characters appear while you type the password.
- At the DSRM command prompt, type q.
- At the Ntdsutil command prompt, type q to exit.