Error 0xc00002e2 on a Domain Controller


I’ve run into this one a few times now. The usual cause is an improper shutdown, usually a power failure etc.

Essentially, your Active Directory Domain Services database (located in C:\Windows\NTDS\ntds.dit) is unhappy for some reason (usually data corruption). Most often the cause is a bad logfile in the same directory.

The usual contents of the NTDS folder. Often there are more/fewer .log files.

First thing to do is to boot into Directory Services Restore Mode – this will not start any domain services (guide to do this) and will allow you to log in as the local Administrator user (.\Administrator – which is usually impossible for a DC). The password is the DSRM password set during the AD DC Promotion procedure.

If you don’t have this password recorded, you’re going to likely have to restore the domain controller from a backup. I then highly recommend you reset the DSRM password once you’re back online to save you time if this happens again. Here’s a guide.

Once you’re in, open a command prompt (as admin) and run the following check-disk command to fix the file system:

> chkdsk /F C:

Hit Y and restart. Let it work it’s magic, then shut down (as you’re probably at the same blue-screen as before, and boot back into directory services restore mode.

Once there, log back in and open an administrative command prompt. Run the following:

> del C:\Windows\NTDS\*.log
> esentutl /p "C:\Windows\NTDS\ntds.dit"

The second command will often prompt for confirmation, click Yes. Once it’s done, restart the server.

You should now be at the familiar login screen and be able to log in again with domain accounts. Domain computers should now be able to authenticate once again, and DNS should be working just fine.

Leave a comment

Your email address will not be published.