2003/Service Pack 2 - DEAD DOMAIN

Masejoer

Gawd
Joined
Mar 11, 2001
Messages
698
Yesterday another developer decided it'd be a great idea to update our domain server located on a separate network to Service Pack 2 as the ones shipping from Dell come with SP2 already loaded. After the install the entire system has gone belly up with no DNS services, authentication, or anything working on the system any longer. The entire domain on that network is now down. The backup of pre-sp2 was performed during the install but I cannot get in and uninstall the update as it complains about not being able to find a file. Opening up Services doesn't list a single thing so I can't see whats running and what isn't. I cannot get in the Controller Recovery mode as whoever setup the server 3 years ago doesn't appear to have written the password down anywhere. The guide online for resetting it isn't working as it complains about a service not running. Now it isn't a HUGE deal at this point as we can recreate what was on there (15 user accounts for Citrix authentication) if need be but I've been banging my head against the wall all morning/afternoon as to what could have gone wrong with the update yesterday. Any ideas where to look? I can't seem to find anything on this exact same problem using Google.

We don't have an employed IT person as we've been able to handle everything fine up until this point with relatively little issue.
 
Sounds like he didn't disable the av services on the machine before doing the upgrade and it blocked some stuff. Thats the only way I've seen stuff like that happen.

Disable the av software and try to reinstall sp2.
 
oh, other weird issues are the network devices don't show up in Network Connections (but is in device manager), opening internet explorer makes it close almost immediately, and the Manage Your Server window comes up completely blank. It "seems" the entire system is gone.
 
Sounds like he didn't disable the av services on the machine before doing the upgrade and it blocked some stuff. Thats the only way I've seen stuff like that happen.

Disable the av software and try to reinstall sp2.

I tried reinstalling sp2 and it failed...due to something. I'll get the exact error in a few minutes once I can get logged back in. Login doesn't show the local computer, just the domain. With the first ctrl alt del to bring up the login window all fields are blank so selecting the domain makes it hang for like 15 minutes before the domain name comes up. Right now it seems its just logging in with cached credentials once I can get to that point.
 
Boot to the recovery console and uninstall SP2 -

http://windowsxp.mvps.org/spuninst.htm

btw, we recently had a domain controller die (that was also a DNS server) - it sucks. Luckily, I had recently setup a BDC - so I just had to seize the roles from the offline PDC and all was well...
 
but we don't know the password that was used for recovery (nothing we have documented, nor is it (blank)), nor is it letting us reset it without a service that keeps failing to run, even in safe mode.
 
The screwed up thing about this is that a second domain controller was/is scheduled to be put in before Thanksgiving.

My error for trying to reinstall service pack 2 is "Setup could not verify the integrity of the file update.inf. Make sure the Cryptographic service is running on this computer." I can't even get into services to do anything/check anything as the list doesn't populate.
 
You could use Nordahl's password recovery disk to reset the local administrator password on that box to <blank> (cd/floppy/usb)
 
The screwed up thing about this is that a second domain controller was/is scheduled to be put in before Thanksgiving.

My error for trying to reinstall service pack 2 is "Setup could not verify the integrity of the file update.inf. Make sure the Cryptographic service is running on this computer." I can't even get into services to do anything/check anything as the list doesn't populate.

You can use "net start servicename" to start a service if you want to try that.
 
Nothing was working so I went ahead and went the better route that would actually get me somewhere - rebuild the domain. Other than having to have people reset their passwords on Monday, my testing seems to be that everything is fully functional again. This would be much worse if there were a large number of users requiring a connection.

Is there a way to automatically backup the Users and Computers and DNS setup each week? Command prompt commands or something that can be setup as a scheduled task?
 
Nothing was working so I went ahead and went the better route that would actually get me somewhere - rebuild the domain. Other than having to have people reset their passwords on Monday, my testing seems to be that everything is fully functional again. This would be much worse if there were a large number of users requiring a connection.

Is there a way to automatically backup the Users and Computers and DNS setup each week? Command prompt commands or something that can be setup as a scheduled task?

A bunch of the backup programs allow you to backup active directory. With what backup exec calls IDR you can install a fresh install of windows and use the IDR recorvery to have it restore active directory, programs, etc.
 
I think we just need a copy of Ghost ;)

Hard drive space is so big now and the operating system partitions so small, its hard to go wrong.
 
Back
Top