If you restore a DC and it starts in Safe Mode, probably, your AD DB is corrupted . For this reason, when you try to boot, it starts starts automatically in Directory Services Restore Mode .
To resolve this problem, we need to fix the corrupted DB through ESEUTIL utility.
Open a Powershell and issue this command:
|
1 |
ESENTUTL /g C:\windows\NTDS\ntds.dit /!10240 /8 /o |
At this point we need to try to recover the DB.
|
1 |
ntdsutil |
Now type
|
1 |
activate instance ntds |
Type
|
1 |
files |
Type
|
1 |
info |
At this point, we will try a “soft” recover.
Type
|
1 |
recover |
In my case I received an error ” *** Error: Operation not allowed because AD DS/LDS files are in the restored state. Restart the directory instance to finalize the restore process “
In this case go to c:\windows\NTDS
Create a OLD folder and move the *.log and *.chk into .
After that issue an “hard” recovery with this command :
|
1 |
ESENTUTL /p C:\Winnt\NTDS\ntds.dit /!10240 /8 /o |
at this point re-run the /g to check the DB consistency
|
1 |
ESENTUTL /g C:\windows\NTDS\ntds.dit /!10240 /8 /o |
good!
After that, run MSCONFIG and deselect the “Active Directory Repair”
Reboot and it’s done.