We have a small business server 2008 running in windows hyper-v, yesterday the hyper-v manager reported the SBS server was in ‘Pause Critical’ state.
This turned out to be because of snapshots taking up disk space but not reporting that the drive was running low.
After moving the snapshots to another drive and re-booting the server, services came up but trust was lost between domain machines and the SBS server, so we left and re-joined the machines to the domain.
However when looking at our exchange emails they only went back to July. After some investigation the server must have been working off data in the snapshot, so we merged the snapshot back with the main hard drive.
All the emails returned and data was restored.
However the domain is not working correctly and it looks like our Active Directory is broke, in the DNS manager (pic attached) our domain.local entry will not load and the same with our reverse lookup zone.
After spending time searching for this error yesterday we have tried the dcdiag /fix command but it fails on the connectivity test. Also we tried deleting and re-creating the _msdcs record with no luck.
At this point we are ready to start a re-build as there is no clear solution to fix it. If anyone has any suggestions to a fix they would be really appreciated.
Dcdiag /fix output
Directory Server Diagnosis
Performing initial setup:
Trying to find home server…
Home Server = SBS
- Identified AD Forest. Done
gathering initial info.Doing initial required tests
Testing server: Default-First-Site-Name\SBS Starting test: Connectivity The host 34358f17-16d4-4113-b648-49113363dbc3._msdcs.thap.localcould
not be resolved to an IP address. Check the DNS server, DHCP,server
name, etc. ......................... SBS failed test ConnectivityDoing primary tests
Testing server: Default-First-Site-Name\SBS Skipping all tests, because server SBS is not responding todirectory
service requests. Running partition tests on : ForestDnsZones Starting test: CheckSDRefDom ......................... ForestDnsZones passed testCheckSDRefDom
Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Running partition tests on : DomainDnsZones Starting test: CheckSDRefDom ......................... DomainDnsZones passed testCheckSDRefDom
Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Running partition tests on : Schema Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Running partition tests on : Configuration Starting test: CheckSDRefDom ......................... Configuration passed testCheckSDRefDom
Starting test: CrossRefValidation ......................... Configuration passed testCrossRefValidation
Running partition tests on : thap Starting test: CheckSDRefDom ......................... thap passed test CheckSDRefDom Starting test: CrossRefValidation ......................... thap passed test CrossRefValidation Running enterprise tests on : thap.local Starting test: LocatorCheck ......................... thap.local passed test LocatorCheck Starting test: Intersite ......................... thap.local passed test Intersite
This is an edited screen shot of the DNS configuration running on the SBS server.
When we click on a entry with a red cross on it the error we get is
Zone not loaded by DNS server
This is the error we get in the event viewer on SBS
The DNS server was unable to complete directory service enumeration of zone thap.local. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "000020EF: SvcErr: DSID-02070B0E, problem 5012 (DIR_ERROR), data -1526". The event data contains the error.
Cheers
Tony
Best Answer
At this point I would suggest that you take a solid backup of everything you have then re-build the SBS from the ground up. You have all your mailbox data and presumably can backup all your file data - An SBS AD structure is typically not massive so it should take under 1 day to set all that back up again.
You may be able to recover by removing and re-adding DNS Role on the server but at this point I suspect your troubles run deeper than this. You'll almost certainly need to remove and re-join all of the machines to the domain once more.
You can also try a cheat - try adding the domain name to the HOSTS file entry on the SBS, then re-try the /fix process. The issue may be that the server cannot resolve the DNS name of the domain (because DNS is busted!) and this may side-step it.
This is a powerful example of why snapshots should never be taken on domain controllers, but that advice is a little bit late for you ;(