How To Recover a Deleted Domain Controller Computer Account in Windows 2000

Article translations Article translations
Article ID: 248132 - View products that this article applies to.
This article was previously published under Q248132
Expand all | Collapse all

On This Page

SUMMARY

This article describes how to recover a domain controller computer account that has been inadvertently deleted from the Domain Controllers OU.

Because the Active Directory Installation Wizard requires a working connection to another domain controller in the domain, you cannot use the Active Directory Installation Wizard to demote and then promote the orphaned domain controller.

To recover an orphaned domain controller computer account, use the appropriate method:

Method 1

  1. Run Windows 2000 Setup on the orphaned domain controller to re-install the operating system.
  2. Configure the computer as a domain controller.

Method 2

NOTE: The following steps must be performed on the orphaned domain controller and any other domain controllers in the domain.
  1. Restart the domain controller.
  2. When the Windows 2000 Startup menu is displayed, select Directory Services Restore Mode, and then press ENTER.
  3. Restore the System State from a backup set that was created prior to the computer account deletion.
  4. At a command prompt, type ntdsutil, and then press ENTER.
  5. Type authoritative restore, and then press ENTER.
  6. Type restore subtree "cn=domain controller,ou=Domain Controllers,dc=domain name,dc=xxx", and then press ENTER, where domain controller is the computer name of the domain controller, domain name is the domain name the domain controller resides in, and xxx is the top level domain name of the domain controller, such as com, org, or net.

    Important
    • If you want to restore a domain controller (DC) that is running Windows 2000 Server, you should proceed to the next step and authoritatively restore the Sites container that is in the Configuration partition to ensure the serverReference attribute that links to the one or more restored DCs is updated.
    • If you want to restore a domain controller (DC) that is running Windows Server 2003 Service Pack 1 (SP1) or a later version, you should proceed to step 8. When the restored DC is back online, and when all of the restored DCs have replicated to all DCs, you should use ldifde.exe to import the ar_YYYYMMDD-HHMMSS _links_rootdomainname-Configuration.ldf file that was created when the Domain Controllers OU was restored. This operation ensures that the serverReference attribute is updated.
  7. Type restore subtree "cn=Sites,cn=Configuration,dc=root domain name,dc=xxx ", and then press ENTER, where root domain name is the forest root domain name, and xxx is the top level domain name of the domain controller, such as com, org, or net.
  8. Type quit, press ENTER, type quit, and then press ENTER.
  9. Type exit, and then press ENTER.
  10. Restart the domain controller.




REFERENCES


For additional information about orphaned domain controllers, click the article number below to view the article in the Microsoft Knowledge Base:
230306 How to Remove Orphaned Domains from Active Directory
For additional information about demoting and promoting domain controllers, click the article number below to view the article in the Microsoft Knowledge Base:
238369 How to Promote and Demote Domain Controllers in Windows 2000
For additional information about performing an authoritative restore, click the article number below to view the article in the Microsoft Knowledge Base:
241594 How to Perform an Authoritative Restore to a Domain Controller

Properties

Article ID: 248132 - Last Review: January 28, 2010 - Revision: 3.0
APPLIES TO
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server
Keywords: 
kbhowto kbhowtomaster kbnetwork KB248132

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com