A lab.. nice. You have one? Wish I did. I lack the hardware to set one up. I've tried many times to get the boss to let loose of some cash so I can set one up, even older used equipment would be useful, but no...
Daniel Chenault dchena...@lgnetworksinc.com [Description: Description: cid:image001.jpg@01CCF24C.F9B05160] From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Tuesday, June 12, 2012 9:01 PM To: NT System Admin Issues Subject: RE: in-depth AD <Failure to communicate alert> You've misunderstood the suggestion. You've been advised to restore a recent backup (one made since the problem began) to an isolated lab DC, as an experiment. The theory is, since recent backups complete successfully, perhaps the backup does not contain the corruption, or the corruption may not be restored. Carl From: Daniel Chenault [mailto:dchena...@lgnetworksinc.com]<mailto:[mailto:dchena...@lgnetworksinc.com]> Sent: Tuesday, June 12, 2012 5:57 PM To: NT System Admin Issues Subject: RE: in-depth AD *shrug* Alrighty then... I may actually be able to get my grubby little hands on a backup that predates the first 447 event (that is, before 1/6/12). Rather concerned though; that is well past the default tombstone age of 60 days (and what is currently set). From what I read in Technet the restore of one that old will be disallowed. Daniel Chenault dchena...@lgnetworksinc.com<mailto:dchena...@lgnetworksinc.com> [Description: Description: cid:image001.jpg@01CCF24C.F9B05160] From: Andrew S. Baker [mailto:asbz...@gmail.com]<mailto:[mailto:asbz...@gmail.com]> Sent: Tuesday, June 12, 2012 4:50 PM To: NT System Admin Issues Subject: RE: in-depth AD What Steven said. You only have one functional DC, and no useful historical backups. You might want to know if the one you have can be restored, and, if perchance the restore avoids the problem. -ASB: http://XeeMe.com/AndrewBaker Sent from my Motorola Droid RAZR On Jun 12, 2012 5:17 PM, "Daniel Chenault" <dchena...@lgnetworksinc.com<mailto:dchena...@lgnetworksinc.com>> wrote: Uh... what's the point? The problem I'm having predates that backup by MONTHS. Daniel Chenault dchena...@lgnetworksinc.com<mailto:dchena...@lgnetworksinc.com> [Description: Description: cid:image001.jpg@01CCF24C.F9B05160] From: Andrew S. Baker [mailto:asbz...@gmail.com<mailto:asbz...@gmail.com>] Sent: Tuesday, June 12, 2012 3:53 PM To: NT System Admin Issues Subject: Re: in-depth AD Try restoring that somewhere offline and see if the problem remains ASB http://XeeMe.com/AndrewBaker Harnessing the Advantages of Technology for the SMB market... On Tue, Jun 12, 2012 at 3:56 PM, Daniel Chenault <dchena...@lgnetworksinc.com<mailto:dchena...@lgnetworksinc.com>> wrote: Did a backup last night before booting into DSRM and it completed without error for whatever that is worth. 2008 R2 SP1, English, 64-bit Daniel Chenault dchena...@lgnetworksinc.com<mailto:dchena...@lgnetworksinc.com> [Description: Description: cid:image001.jpg@01CCF24C.F9B05160] From: Damien Solodow [mailto:damien.solo...@harrison.edu<mailto:damien.solo...@harrison.edu>] Sent: Tuesday, June 12, 2012 2:04 PM To: NT System Admin Issues Subject: RE: in-depth AD Ah... I was thinking something different based on what you were saying earlier. Are able to get a successful system state backup from that DC? Also, what Windows version is the DC in question? DAMIEN SOLODOW Systems Engineer 317.447.6033<tel:317.447.6033> (office) 317.447.6014<tel:317.447.6014> (fax) HARRISON COLLEGE From: Daniel Chenault [mailto:dchena...@lgnetworksinc.com]<mailto:[mailto:dchena...@lgnetworksinc.com]> Sent: Tuesday, June 12, 2012 2:38 PM To: NT System Admin Issues Subject: RE: in-depth AD It's an object of type... uh... I dunno... you tell me... NTDS (1836) A bad page link (error -327) has been detected in a B+ Tree (ObjectID: 163, PgnoRoot: 952) of database c:\windows\ntds\ntds.dit (2596 => 3372, 3369) Daniel Chenault dchena...@lgnetworksinc.com<mailto:dchena...@lgnetworksinc.com> [Description: Description: cid:image001.jpg@01CCF24C.F9B05160] From: Damien Solodow [mailto:damien.solo...@harrison.edu]<mailto:[mailto:damien.solo...@harrison.edu]> Sent: Tuesday, June 12, 2012 1:27 PM To: NT System Admin Issues Subject: RE: in-depth AD Couple questions: 1) I assume there are multiple domain controllers? Do they all report this same error or is it just one DC? 2) What object is an error being reported on? Depending on the object type you may have different options for dealing with it DAMIEN SOLODOW Systems Engineer 317.447.6033<tel:317.447.6033> (office) 317.447.6014<tel:317.447.6014> (fax) HARRISON COLLEGE From: Daniel Chenault [mailto:dchena...@lgnetworksinc.com]<mailto:[mailto:dchena...@lgnetworksinc.com]> Sent: Tuesday, June 12, 2012 2:19 PM To: NT System Admin Issues Subject: RE: in-depth AD Failed with an error (1206 I believe) stating the database is corrupt. Let me clarify: I, and Microsoft, have run every possible switch or command available via ntdsutil and esentutl. Each one failed with an error stating corruption. Wanting to try and edit the file manually is not a whim or a wild idea but a last-ditch effort unless someone has a better idea. Daniel Chenault dchena...@lgnetworksinc.com<mailto:dchena...@lgnetworksinc.com> [Description: Description: cid:image001.jpg@01CCF24C.F9B05160] From: Michael B. Smith [mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]> Sent: Tuesday, June 12, 2012 11:56 AM To: NT System Admin Issues Subject: RE: in-depth AD Have you done a defrag of the ntds.dit? From: Daniel Chenault [mailto:dchena...@lgnetworksinc.com]<mailto:[mailto:dchena...@lgnetworksinc.com]> Sent: Tuesday, June 12, 2012 12:23 PM To: NT System Admin Issues Subject: RE: in-depth AD Oh yes, it's up and running. Basic AD functionality is there; I can create users, assign permissions and other simple stuff. No replication is happening and it's to the point that I cannot open the EMC. Daniel Chenault dchena...@lgnetworksinc.com<mailto:dchena...@lgnetworksinc.com> [Description: Description: cid:image001.jpg@01CCF24C.F9B05160] From: Brian Desmond [mailto:br...@briandesmond.com]<mailto:[mailto:br...@briandesmond.com]> Sent: Tuesday, June 12, 2012 11:13 AM To: NT System Admin Issues Subject: RE: in-depth AD Does the machine boot? Thanks, Brian Desmond br...@briandesmond.com<mailto:br...@briandesmond.com> w - 312.625.1438<tel:312.625.1438> | c - 312.731.3132<tel:312.731.3132> From: Daniel Chenault [mailto:dchena...@lgnetworksinc.com]<mailto:[mailto:dchena...@lgnetworksinc.com]> Sent: Tuesday, June 12, 2012 10:54 AM To: NT System Admin Issues Subject: in-depth AD It's a long story, aren't they all, but the root of my issue is this: I am getting Event ID 447 for Database Corruption on ntds.dit. Microsoft is telling me to do an authoritative restore. Problem is this problem goes back to January; it is highly doubtful I can locate a backup pre-dating that time frame. I inherited this mess and am just trying to fix it. This corruption is causing several different problems (naturally). What I want to know from the collective list wisdom and knowledge is... is it possible to use a tool, such as adsiedit, to locate a specific object (it is called out specifically in the aforementioned event) and edit/massage/delete/assassinate the object? Because, as I see it, I have three choices at this point: 1) Auth restore (highly unlikely) 2) Edit/massage ntds.dit (maybe?) 3) Recreate this entire domain from scratch (seven locations internationally, hundreds of users and computers, lord knows how many printers total, plus Exchange and Great Plains, permissions on umpty-hundred shares - just shoot me now) Daniel Chenault dchena...@lgnetworksinc.com<mailto:dchena...@lgnetworksinc.com> Office: 972-528-6546 x 1002<tel:972-528-6546%20x%201002> Fax: 972-982-0054<tel:972-982-0054> 9550 Skillman Road Suite 500 Dallas, TX 75243 [Description: Description: cid:image001.jpg@01CCF24C.F9B05160] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
<<inline: image001.jpg>>