DNS Access Denied message on a SBS 2011 server after a dirty shutdown

Here’s the scenario:

  • A SBS 2011 server had a dirty shutdown (or a series of them). There are no other DCs in the domain.
  • When the server came back up, most services appeared to be started (including DNS server).
  • Problems were discovered when users weren’t able to access network shares.
  • It was determined that DNS wasn’t functioning properly on the server…when you’d launch the DNS console, I got an Access Denied.
  • Since this was the only DC & DNS server, this meant AD and Exchange weren’t working properly, resulting in all sorts of errors in the event logs, including 4000 and 4007.

The first step was a reboot of the server, which did no good. I confirmed that the IP of the server was set properly on the NIC- it was. I even tried changing it to the loopback as a test, but no good.

A little bit of googling returned this link.

Surely enough, stopping KDC and running the following (I used the domain administrator) on the server resolved the issue after a reboot:

netdom resetpwd /server:<PDC.domain.com> /userd:<Domain\domain_admin> /passwordd:*

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s