NTDS ISAM: Database Corruption

Discussion in 'Windows Small Business Server' started by Ian Van Wyck, Apr 9, 2005.

  1. Ian Van Wyck

    Ian Van Wyck Guest

    The Directory Services Event Log has been filling up with several hundred
    errors a day - repetitions of the series included here. The network is fairly
    simple - the DC and 10 clients. What is the most sensible course of action
    here?

    I have included four informational listings that immediately precede the
    errors in case they might illuminate the situation.

    --
    Ian Van Wyck
    British Columbia

    (Events listed beginning with earlier)

    Event Type: Information
    Event Source: NTDS ISAM
    Event Category: General
    Event ID: 103
    Date: 09/04/2005
    Time: 10:07:09 AM
    User: N/A
    Computer: ACT1
    Description:
    NTDS (684) NTDSA: The database engine stopped the instance (0).



    Event Type: Information
    Event Source: NTDS ISAM
    Event Category: General
    Event ID: 102
    Date: 09/04/2005
    Time: 10:08:03 AM
    User: N/A
    Computer: ACT1
    Description:
    NTDS (696) NTDSA: The database engine started a new instance (0).


    Event Type: Information
    Event Source: NTDS General
    Event Category: Service Control
    Event ID: 1000
    Date: 09/04/2005
    Time: 10:08:25 AM
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: ACT1
    Description:
    Microsoft Active Directory startup complete, version 5.2.3790.62



    Event Type: Information
    Event Source: NTDS General
    Event Category: Service Control
    Event ID: 1394
    Date: 09/04/2005
    Time: 10:08:55 AM
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: ACT1
    Description:
    Attempts to update the Active Directory database are succeeding. The Net
    Logon service has restarted.



    Event Type: Error
    Event Source: NTDS ISAM
    Event Category: Database Corruption
    Event ID: 467
    Date: 09/04/2005
    Time: 10:13:25 AM
    User: N/A
    Computer: ACT1
    Description:
    NTDS (696) NTDSA: Index DRA_USN_index of table datatable is corrupted (0).



    Event Type: Warning
    Event Source: NTDS KCC
    Event Category: Knowledge Consistency Checker
    Event ID: 1435
    Date: 09/04/2005
    Time: 10:13:25 AM
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: ACT1
    Description:
    The Knowledge Consistency Checker (KCC) encountered an unexpected error
    while performing an Active Directory operation.

    Operation type:
    KccModifyEntry
    Object distinguished name:
    CN=NTDS Site
    Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Ourserver,DC=local

    The operation will be retried at the next KCC interval.

    Additional Data
    Error value:
    5 000020EF: SvcErr: DSID-02080495, problem 5012 (DIR_ERROR), data -1414

    Internal ID:
    f0804fe



    Event Type: Error
    Event Source: NTDS KCC
    Event Category: Knowledge Consistency Checker
    Event ID: 1130
    Date: 09/04/2005
    Time: 10:13:25 AM
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: ACT1
    Description:
    The Knowledge Consistency Checker (KCC) was unable to complete the topology
    for the following site.

    Site:
    CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Ourserver,DC=local

    An attempt to complete the topology for this site will be tried again at the
    next scheduled KCC interval (the current default is 15 minutes).

    Additional Data
    Error value:
    8409 A database error has occurred.
    Internal ID:
    f0804ff



    Event Type: Information
    Event Source: NTDS General
    Event Category: Global Catalog
    Event ID: 1869
    Date: 09/04/2005
    Time: 10:23:25 AM
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: ACT1
    Description:
    Active Directory has located a global catalog in the following site.

    Global catalog:
    \\act1.Ourserver.local
    Site:
    Default-First-Site-Name
     
    Ian Van Wyck, Apr 9, 2005
    #1
    1. Advertisements

  2. Hi Ian,

    Welcome to the SBS public newsgroup.

    According to your description, I understand that you encountered some
    errors related to NTDS KCC and NTDS ISAM.

    Here I would like to give some suggestions according to each of your
    problem.

    Concerns with the error NTDS KCC:

    We need to perform an offline defragmentation.

    Use the following procedures to perform offline defragmentation. Procedures
    are explained in detail in the following articles:

    Active Directory Operations Guide
    Appendix A - Tasks Reference
    http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/ac
    tivedirectory/maintain/opsguide/part2/adogdapa.mspx#EUAA

    Appendix B - Procedures Reference
    http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/ac
    tivedirectory/maintain/opsguide/part2/adogdapb.mspx#E0CE0AA

    1. Back up system state. System state includes the database file and
    database log files as well as SYSVOL, NETLOGON, and the registry, among
    other things. Always ensure that a current backup exists prior to
    defragmenting database files.
    2. Take the domain controller offline, as follows:
    A. If you are logged on to the domain controller locally, restart
    the domain controller in Directory Services Restore Mode.
    B. If you are using Terminal Services for remote administration, you
    can remotely restart the domain controller in Directory Services Restore
    Mode after modifying the Boot.ini file on the remote server.
    3. Compact the directory database file (offline defragmentation). As
    part of the offline defragmentation procedure, check directory database
    integrity.
    4. If database integrity check fails, perform semantic database
    analysis with fixup.

    Concerns with the error NTDS ISAM:

    Please stop the any anti-virus software and backup utility on the SBS 2003
    to have a test.

    Then, follow the steps below:
    1. Start your computer in Directory Services Repair mode.
    2. At a command prompt, type the following lines, pressing ENTER
    after each:"ntdsutil files info" (without the quotation marks)
    The output should look similar to:
    Drive Information:
    C:\ NTFS (Fixed Drive ) free(2.9 Gb) total(3.9 Gb)
    D:\ NTFS (Fixed Drive ) free(3.6 Gb) total(3.9 Gb)

    DS Path Information:
    Database : C:\WINNT\NTDS\ntds.dit - 10.1 Mb
    Backup dir : C:\WINNT\NTDS\dsadata.bak
    Working dir: C:\WINNT\NTDS
    Log dir : C:\WINNT\NTDS - 30.0 Mb total
    res2.log - 10.0 Mb
    res1.log - 10.0 Mb
    edb.log - 10.0 Mb

    3. Verify that each of the paths and files that are listed above
    exist.
    4. Check each of the paths and files that are listed above to ensure
    that the permissions are at least set to the defaults (administrators and
    system - full control).
    5. Run <esentutl /g "<path>\ntds.dit"> (performing the integrity
    check)

    Hope the above information helpful. In the meantime, if you have any
    further concerns, please let me know. I am glad to be any of further
    assistance.

    Best regards,

    Charles Yang (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Charles Yang [MSFT], Apr 11, 2005
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.