Below is a classical case of a crashed NT system making partial recovery, marked with complications:
The System:
Dual-Pro AcerAltos 21000 with hardware based RAID
Disks: Two mirrored 17.5 GB SCSI disks
OS: Windows NT 4.0
Partitions: 2 GB FAT, 5 GB NTFS, 9 GB NTFS
Domain: Win2k Mixed mode
This system was PDC before we promoted the BDC to PDC and upgraded it become the first Win2K DC. Now it’s working as the only NT BDC.
The Problem:
On Friday evening the RAID controller of our NT system had a major bump which completely freezed the system. After reboot the RAID got back on its feet but the OS didn’t. NT couldn’t load; ntldr loaded fine, so did the boot.ini and ntdetect.com. The problem was with the ntoskrnl.exe which didn’t load the required system files. Just before the blue screen on the kernel, where we see the momentary “Press space bar now for LKGC”, it splashed the following message:
“Windows NT could not start because one of the following files is corrupt or missing:
WINNT\SYSTEM32\CONFIG\SYSTEM
Your can attempt to repair Windows NT by pressing ‘r’ blah blah blah”
The Recovery Process:
First, as I couldn’t arrange for the SCSI controller driver in time, I started the system in PC-DOS and replaced the file from the Repair Disk, but it didn’t work. Then I placed all the files from the Repair Disk in the ...\config\ directory but to no avail.
On Saturday morning, I got the SCSI controller driver from the vendor and started the proper recovery process using the Repair Disk (Aug 13, when the last configuration change was made). This went fine and finally the system got on its feet again. I re-applied service pack 6a. So far so good.
When I started to minutely examine the system I found that, among other things, the AV engine failed to start, server service messages notifying missing shares and related user permissions. But the overall full synchronization of SAM an LSA databases went fine. I then decided to take another risk by restoring the registry from last week’s tape backup. Went ahead with this and resolved all the issues but a bigger problem emerged. The system did not load the Netlogon service and gave “Access is denied” message when I attempted to start the service manually.
Current Status:
This translates that this system (BDC) and the Win2k DC (PDC) do not recognize each other. The system starts with “Failed to authenticate with SERVER, the domain controller for the domain DOMAIN” message. Although, there’s nothing wrong with the system as far as the domain management affairs are concerned. I can administer the domain from both the servers and verify the changes done on one server from the other. But the sync’ing of the SAM and LSA DBs are not taking place which worries me.
Failure of Netlogon means this system can’t communicate with the Win2k system and it cannot authenticate the users. More seriously, when I upgarde this system to 2k, I might face problems.
Next Step:
What should I do now? Until now, I haven’t consulted anyone, no MS KB , no nothing. I did all what I felt was logical, and now my experience says that I should revert the system to the state when the last Repair Disk was made (Aug 13, when last config change was made). Will this resolve the issue? This is the million dollar question for the NT experts.
I’m going to do this either tonight or tomorrow evening. Anyone who has a logical explanation or a better solution is welcome to jump in.
If you've come thus far, you've come a long way...;-)
Regards, Mubashir
muhammad.mubashir@sbp.org.pk
No one's worth your tears. The one who is, won't make you cry.
The System:
Dual-Pro AcerAltos 21000 with hardware based RAID
Disks: Two mirrored 17.5 GB SCSI disks
OS: Windows NT 4.0
Partitions: 2 GB FAT, 5 GB NTFS, 9 GB NTFS
Domain: Win2k Mixed mode
This system was PDC before we promoted the BDC to PDC and upgraded it become the first Win2K DC. Now it’s working as the only NT BDC.
The Problem:
On Friday evening the RAID controller of our NT system had a major bump which completely freezed the system. After reboot the RAID got back on its feet but the OS didn’t. NT couldn’t load; ntldr loaded fine, so did the boot.ini and ntdetect.com. The problem was with the ntoskrnl.exe which didn’t load the required system files. Just before the blue screen on the kernel, where we see the momentary “Press space bar now for LKGC”, it splashed the following message:
“Windows NT could not start because one of the following files is corrupt or missing:
WINNT\SYSTEM32\CONFIG\SYSTEM
Your can attempt to repair Windows NT by pressing ‘r’ blah blah blah”
The Recovery Process:
First, as I couldn’t arrange for the SCSI controller driver in time, I started the system in PC-DOS and replaced the file from the Repair Disk, but it didn’t work. Then I placed all the files from the Repair Disk in the ...\config\ directory but to no avail.
On Saturday morning, I got the SCSI controller driver from the vendor and started the proper recovery process using the Repair Disk (Aug 13, when the last configuration change was made). This went fine and finally the system got on its feet again. I re-applied service pack 6a. So far so good.
When I started to minutely examine the system I found that, among other things, the AV engine failed to start, server service messages notifying missing shares and related user permissions. But the overall full synchronization of SAM an LSA databases went fine. I then decided to take another risk by restoring the registry from last week’s tape backup. Went ahead with this and resolved all the issues but a bigger problem emerged. The system did not load the Netlogon service and gave “Access is denied” message when I attempted to start the service manually.
Current Status:
This translates that this system (BDC) and the Win2k DC (PDC) do not recognize each other. The system starts with “Failed to authenticate with SERVER, the domain controller for the domain DOMAIN” message. Although, there’s nothing wrong with the system as far as the domain management affairs are concerned. I can administer the domain from both the servers and verify the changes done on one server from the other. But the sync’ing of the SAM and LSA DBs are not taking place which worries me.
Failure of Netlogon means this system can’t communicate with the Win2k system and it cannot authenticate the users. More seriously, when I upgarde this system to 2k, I might face problems.
Next Step:
What should I do now? Until now, I haven’t consulted anyone, no MS KB , no nothing. I did all what I felt was logical, and now my experience says that I should revert the system to the state when the last Repair Disk was made (Aug 13, when last config change was made). Will this resolve the issue? This is the million dollar question for the NT experts.
I’m going to do this either tonight or tomorrow evening. Anyone who has a logical explanation or a better solution is welcome to jump in.
If you've come thus far, you've come a long way...;-)
Regards, Mubashir
muhammad.mubashir@sbp.org.pk
No one's worth your tears. The one who is, won't make you cry.
