Forum Discussion
fernandomichels
Oct 26, 2020Copper Contributor
"The security database has not been started" after promote new DC
Hi,
I have two DC with W2K12 and W2K16. Recently, I've promoted a new server W2K19 as a domain controller.
All the process was successfully executed and after the first reboot, I can't do an interactive login.
I get the message "The user name or password is incorrect. Try again"
If I stop KDC service, I'm able to login to VM.
And when I try to change a user password, connected in this new DC, I get this message:
"Windows cannot complete the password change for <user> because: The security database has not been started"
I've checked DNS with DCDIAG, Replication with Ad Replication Status Tool.. everything seems to be ok
Someone could help me, please?
- adriansheedyCopper Contributor
fernandomichels Hi Fernando.
We have the same problem on a customer's domain. We went through weeks of support with MS to no avail. Did you sort it out?
- MichaelMcClintockCopper Contributor
adriansheedy did you ever figure this out? I'm facing the same issue now...
- adriansheedyCopper Contributor
MichaelMcClintock Sorry no I have no useful direction for you. MS Support was similarly unable to fix the issue. Their final recommendation was to rebuild from scratch. Grrrrr...
Please run;
- Dcdiag /v /c /d /e /s:%computername% >c:\dcdiag.log
- repadmin /showrepl >C:\repl.txt
- ipconfig /all > C:\dc1.txt
- ipconfig /all > C:\dc2.txt
- ipconfig /all > C:\dc3.txt
then put **unzipped** text files up on OneDrive and share a link.- fernandomichelsCopper Contributor
Hi Dave Patrick . I really appreciate any help.
Log files are on: https://1drv.ms/u/s!Am8pbgsXRHYGiNxIIAqLPaNB7l64Zw?e=bgZEy1
SRVASA-DC01 - Old DC W2K19
SRVASA-DC03- Old DC W2K16
SRVASA-DC04 - New DC WK19 with problems
SRVASA-DC05 - it was another try, unsuccessful too. I already demoted it.
I found this error messages in DCDIAG on DC04:
SRVASA-DC03.isGlobalCatalogReady = 1 Got error while checking if the DC is using FRS or DFSR. Error: The operation being requested was not performed because the user has not been authenticated.T he VerifyReferences, FrsEvent and DfsrEvent tests might fail because of this error.
Testing server: Matriz\SRVASA-DC01 Starting test: Connectivity * Active Directory LDAP Services Check Determining IP4 connectivity Failure Analysis: SRVASA-DC01 ... OK. * Active Directory RPC Services Check [SRVASA-DC01] DsBindWithSpnEx() failed with error 5, Access is denied.. Got error while checking LDAP and RPC connectivity. Please check your firewall settings. ......................... SRVASA-DC01 failed test Connectivity Testing server: Filial\SRVASA-DC03 Starting test: Connectivity * Active Directory LDAP Services Check Determining IP4 connectivity Failure Analysis: SRVASA-DC03 ... OK. * Active Directory RPC Services Check [SRVASA-DC03] DsBindWithSpnEx() failed with error 5, Access is denied.. Got error while checking LDAP and RPC connectivity. Please check your firewall settings. ......................... SRVASA-DC03 failed test Connectivity
There is no firewall enabled on both servers.
Please do not zip the files.