Help with necessary information missing in the BCD

Copper Contributor

Hello Community and good day,

 

I am requesting assistance with an issues we started seeing lately with regards to a physical domain controller server running Microsoft Windows Server 2012 R2.

 

Basically, bcdedit cannot run properly and it is causing a Veeam Agent for Microsoft Windows backup job to fail with the following error:

 

==================================================
20/10/2022 16:17:48 :: Error: Failed to disable DC SafeBoot mode Cannot get [BcdObject.Id="{9dea862c-5cdd-4e70-acc1-f32b344d4795}",StoreFilePath=""] object. COM error: Code: 0xd0000001
==================================================

 

There has been no changes to the affected server, the issue just started out of the blue.

 

As part of the initial troubleshooting, we noticed that the affected server is missing the registry key "HKEY_LOCAL_MACHINE\BCD00000000" and that the Msconfig Startup Selection is set to "Selective Startup". We are getting the error message I have attached when trying to select the "Normal startup":

 

==================================================

screenshot.pngscreenshot1.png

==================================================

 

Any observations/recommendations on this matter will be greatly appreciated.

 

Thanks and Regards,

 

Massimiliano Rizzi

3 Replies

The much simpler and safer method would be to stand up a new one for replacement. 

 

I'd use dcdiag / repadmin tools to verify health `correcting all errors found` before starting `any` operations. Then stand up the new 2012, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.

@mrizzi2 just checking if there's any progress or updates? please don't forget to mark helpful replies

 

 

Hi there Dave,

thank you for your reply. It is very much appreciated. I would like to apologize for my delayed response.

I confirm that we will go ahead and demote it to member server in the first instance.

I really hope we manage to solve this issue by demoting to member server. At least the Veeam Agent for Microsoft Windows won't need to deal with disabling DC SafeBoot mode anymore as part of Backing up the Domain Controller.

Regarding the the possibility of standing up a new one for replacement, unfortunately the affected server is a physical box located in a remote site. As a result, I am afraid I might need to try to take a deeper look into the issue (should it persist after the demotion to member server) as it is not so immediate to replace the box.
Kind Regards,

Massimiliano