Here’s the scenario:
- An SBS 2011 server had a dirty shutdown (or a series of them). There are no other DCs in the domain.
- When the server came back up, most services appeared to be started (including DNS server).
- Problems were discovered when users weren’t able to access network shares.
- It was determined that DNS wasn’t functioning properly on the server… when I launched the DNS console, I got an Access Denied error.
- Since this was the only DC & DNS server, this meant AD and Exchange weren’t working properly, resulting in all sorts of errors in the event logs, including 4000 and 4007.
The first step was a reboot of the server, which did no good. I confirmed that the IP of the server was set properly on the NIC; it was. I even tried changing it to the loopback as a test, but no good.
A little bit of googling returned this link.
Sure enough, stopping KDC and running the following (I used the domain administrator) on the server resolved the issue after a reboot:
```
netdom resetpwd /server:<PDC.domain.com> /userd:<Domain\domain_admin> /passwordd:*
```
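
The same sequence as a PowerShell script, added here as an example and not taken from the original post: it checks the DNS Server log for the 4000/4007 events mentioned above, then stops the KDC, runs the netdom command and reboots. The server name and account are placeholders for the `<...>` fields, and the 24-hour look-back window is an assumption.

```powershell
# Added example. Run from an elevated PowerShell session on the affected DC.
# Placeholder values: replace with the real DC FQDN and a domain admin account.
$Dc    = 'PDC.domain.com'
$Admin = 'DOMAIN\domain_admin'

# 1. Confirm the symptom: DNS Server events 4000/4007 in the last 24 hours
#    (the look-back window is an assumption, adjust as needed).
$filter = @{
    LogName   = 'DNS Server'
    Id        = 4000, 4007
    StartTime = (Get-Date).AddDays(-1)
}
$hits = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
if (-not $hits) {
    Write-Warning 'No DNS Server 4000/4007 events found; not changing anything.'
    return
}
$hits | Group-Object Id | Select-Object Name, Count | Format-Table -AutoSize

# 2. Stop the Kerberos Key Distribution Center service before the reset.
#    Its startup type is left alone, so it starts again at the reboot.
Stop-Service -Name kdc -Force

# 3. Reset the DC's machine account password.
#    /passwordd:* makes netdom prompt for the password, so it is never
#    written into the script or the command history.
& netdom resetpwd "/server:$Dc" "/userd:$Admin" '/passwordd:*'
if ($LASTEXITCODE -ne 0) {
    # Put the KDC back if the reset did not go through.
    Start-Service -Name kdc
    throw "netdom resetpwd failed with exit code $LASTEXITCODE"
}

# 4. Reboot, as in the post. -Confirm asks before restarting.
Restart-Computer -Confirm
```

After the reboot, rerunning step 1 with a shorter window shows whether new 4000/4007 events are still being logged.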