Windows 2000 Domain Controller doesn't realise it is...

[Belthasar]

Recently, a virus spread through our network and infected a Windows 2000 Domain Controller, the virus itself was eradicated, but when the system boots it not cannot access the domain and seems to have nothing to do with it:

1) You cannot access any Active Dicectory Snap-Ins becuase "The specified domain either does not exist or cannot be contacted"

2) In "System Properities", under Network Identification, it no longer says that this computer cannot join/change domains because it is a domain controller (It still has "because it is a certificate authority&quot

3) Cannot access DFS root (which was on the DC)

2) Services such as WINS, DHCP, and DNS have failed because they cannot communicate with active directory...

I am thouroughly stuck with this, I only found one solution so far, to boot in Directory Restore mode and run "authoritative restore" and "restore database" - when this was attempted (After reboot and the special "Windows is starting in -Directory Restore mode" startup) when I ran ntdsutil and tried "authoritative restore" it said to boot into DSrestore mode (Which I was in) but it gave an override command "set BOOTOPTION_" (I am recalling the last 30 hours and attempting to use good English at the same time - forgive me for abbreviating). I used the "set..." command and then re-ran "authoritative restore" and ran "restore database" and it seemed to work (and said it had completed) but the problems were the same when I rebooted... There are no backups of the system while it was functioning, that would have been done in approximately six hours from now...

Anyone who has any ideas about this please let me know.

 

[mozingod]

Can you run DCPROMO to demote, the re-premote the server? Try backing up the user accounts you have now first though. Darrell Mozingo
MCP (soon MCSA), A+, Network+, i-Net+, MOUS 2000 Master

 

[Belthasar]

Reply and Update on problem ->

Since this machine runs the Enterprise Root CA, I don't believe I that is possible, but I will check.

Problem UPDATE - The system now realises it is a domain controller (under System and Network ID) and Distributed File System seems to work but I get new error messages when attempting to do anything Active Directory related that say, "No authority can be contacted for authentication".

Also - I now longer believe that this problem has anything to do with the virus that infected the server - I now believe it is because the first thing that was done by the guy who was there was to delete all the instances of the virus, delete the services it created for itself and (unfortunately) "Boot into last known good configuration" because I have examined all logs of what was deleted or changed by him and have also looked up the virus online and read through all the info and what was done (other than the booting in L.K.G.C) should have solved the problem.

Needless to say, the firewall which *should* have been running now is, the proper Microsoft Security Patches have been loaded, and virus scanners have been bought for the workstations (and for the non-functioning server).