Domain Controller Wont Boot: Stop Code ‘0x00002e2’

KB ID 0001494

Problem

I had this problem after a VMware host upgrade last night, this domain controller would not boot, I tried ‘Last Known Good Configuration’, I tried ‘Safe Mode’ it would not boot. More out of desperation than procedure, I tried to boot to ‘Directory Services Restore Mode’ and it booted up (hooray!) I tried all the client’s usual passwords, and could not log in, I messaged them to ask for the DSRM password, and tried all the ones they sent me, it seems I was defeated!

They had other domain controllers, and their critical systems were up, so I arranged for this server to be restored the following morning from tape.

A lot of you will (I hope) know your DSRM password, so you have less problems that I had, so you can skip reseting the DSRM password part.

Reset DSRM Password (From Boot Disk)

If you Google resetting the DSRM password you get a ton of posts telling you to use ntdsutil, which is great if you can logon, but I could not. I’ll let you into a secret: The DSRM password is actually the LOCAL administrators password on the Domain Controller, and resetting the local admin password, (using a Linux boot disk, {don’t panic it’s simple!}) well we have been able to do this since the days of NT4! (DON’T PAY FOR A UTILITY TO DO THIS).

To download the boot disk and see how this is done follow the instructions I’ve already written in THIS POST. The only difference is, I chose to {blank} the password, rather than reset it, (you can reset it afterwards using ntdsutil if you want to).

Select option 1: Clear (blank) user password;

Boot Into DSRM Mode and Repair Active Directory

You can now boot into DSRM mode, (if you don’t see these options Press F8 as the server boots).

As soon as you enter ‘administrator’ and then click in the password box, the ‘Sign in to‘ option will change from the domain name to the domain controllers name. This usually happens on all machines, that are NOT domain controllers, but in this case, it’s expected behaviour, (as we will be logging in with a LOCAL password.) Remember I blanked the password, so I’m leaving it empty.

First let’s take a backup of AD. Open a command window, and execute the following command;

[box]

xcopy C:\Windows\NTDS\* C:\Backup\NTDS-Backup /E /Y /V /C /I

[/box]

Then execute the following commands;

[box]

cd C:\Windows\NTDS
ren *.log *.log.old
esentutl /p C:\Windows\NTDS\ntds.dit

[/box]

When prompted; CLICK OK.

Now run the following commands;

[box]

ntdsutil
activate instance ntds
files
compact to C:\Windows\NTDS\TEMP
quit
quit

[/box]

As it’s telling us (above), we now need to copy the compacted and repaired database, over the top of the live database, and then get rid of the logs. To do that, run the following commands;

[box]

copy "C:\Windows\NTDS\TEMP\ntds.dit" "C:\Windows\NTDS\ntds.dit"
Yes
del *.log
del *.log.old
shutdown -r -f

[/box]

The server will reboot, and boot back into Windows as normal.

Related Articles, References, Credits, or External Links

A big thank you to Alex at iThinkVirtual.com, for the AD repair procedure, I would not have got over  the line without his excellent ‘Fixing a corrupt Domain Controller’ post.

Device Boots to ROMMON (Cisco ASA)

KB ID 0001199 

Problem

After recently picking up some second hand ASA5512-X firewalls, I went to run them up, and make sure they were ok, however on boot up they went straight to ROMMON like so;

[box]

Use ? for help.
rommon #0>

[/box]

Now I know what ROMMON is, it’s the base operating system of the device, its job is a bit like the BIOS on a PC, it locates and loads the operating system. The only time you should ever see a rommon prompt is

  • If you ‘force’ a device into rommon mode as it boots.
  • The devices config register is incorrectly set.
  • The operating system is missing/corrupt.
  • The flash memory of the device is broken, (or needs reformatting).

Chances are, the firm who ‘re-sold’ them simply did some password recovery, and forgot to set the config register back again.

Solution

I’ve recovered enough passwords and booted form the network enough times to know that if the OS is present on the device, I can load it manually with the ‘boot’ command.

[box]

rommon #0> boot
Launching BootLoader...
Boot configuration file contains 2 entries.


Loading disk0:/asa923-smp-k8.bin...

[/box]

Once loaded up and logged in, lets have a look at the config register, (it should look like 0x1).

[box]

ciscoasa# show ver | incl register
Configuration register is 0x40 << Aha!!
ciscoasa#

[/box]

The easiest way to rectify this is to delete the config register, and it will then reset to the default.

[box]

ciscoasa# configure terminal
ciscoasa(config)# no config-register
ciscoasa(config)# exit
ciscoasa#
ciscoasa# show ver | incl register
Configuration register is 0x40 (will be 0x1 at next reload)
ciscoasa#

[/box]

Reload/reboot the firewall and if it boot properly, then you know you have rectified the problem, but you can re-check..

[box]

ciscoasa# show ver | incl register
Configuration register is 0x1 << Boom!
ciscoasa#

[/box]

Related Articles, References, Credits, or External Links

NA

Boot Cisco ASA From TFTP (Upgrade from ROMMON)

KB ID 0000792

Problem

If your firewall wont boot, either because the OS is corrupt, or you have a faulty flash memory. You can get up and running by booting the device from a TFTP server instead.

Solution

Before you start make sure you have your TFTP server running and the operating system in its root folder.

Install and Use a TFTP Server

1. Power on the firewall, during the boot phase press ESC to boot to ROMMOM mode.

2. The following commands will set the firewall’s IP address, default gateway, and the IP address of the device running the TFTP server. (Note: unless you are on a different network segment gateway and server address should be set the same).

[box]

Use ? for help.
ROMMON #0> ADDRESS=172.16.254.150
ROMMON #1> SERVER=172.16.254.207
ROMMON #2> GATEWAY=172.16.254.207

[/box]

3. You will need to specify the name of the operating system file to load, and which interface the firewall should use, this is a 5505 and I’m using Ethernet0/1 (the interface that’s usually the inside one).

[box]

ROMMON #3> IMAGE=asa911-k8.bin
ROMMON #4> PORT=Ethernet0/1
 Ethernet0/1
 MAC Address: b0fa.eb21.378e
 Link is UP
ROMMON #5>

[/box]

4. You can check the settings with a ‘set’ command.

[box]

ROMMON #5> set
ROMMON Variable Settings
ADDRESS=172.16.254.150
SERVER=172.16.254.207
GATEWAY=172.16.254.207
PORT=Ethernet0/1
VLAN=untagged
IMAGE=asa911-k8.bin
CONFIG=
LINKTIMEOUT=20
PKTTIMEOUT=4
RETRY=20

ROMMON #6>

[/box]

5. Start the process with a ‘tftp’ command.

[box]

 

ROMMON #6> tftp

tftp asa911-k8.bin@172.16.254.207 via 172.16.254.207

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

<Output removed for the sake of space>

[/box]

6. The firewall will load the operating system and boot. WARNING the operating system at this point is running in memory, NOT from flash, if you reboot it will attempt to load from flash memory again. (If you can access the flash memory ‘show flash’), then copy in the operating system from your TFTP server.

[box]

Petes-ASA# copy tftp disk0

Address or name of remote host []? 172.16.254.207

Source filename []? asa911-k8.bin

Destination filename [disk0]? asa911-k8.bin

Accessing tftp://172.16.254.207/asa911-k8.bin..
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!
 
 <Output removed for the sake of space>
 
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!
 Writing file disk0:asa911-k8.bin...
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!
 
 <Output removed for the sake of space>
 
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!
 
 8312832 bytes copied in 70.230 secs (118754 bytes/sec)

[/box]

7. Make sure you can see the file in flash memory.

[box]

Petes-ASA# show flash
 Initializing disk0: cache, please wait....Done.
 -#- --length-- -----date/time------ path
 6 6764544 Jan 01 2003 00:05:22 asa911-k8.bin <<<<
 7 1868412 Jan 01 2003 00:05:48 securedesktop-asa-3.1.1.29-k9.pkg
 8 398305 Jan 01 2003 00:06:04 sslclient-win-1.1.0.154.pkg
 9 7495680 Apr 25 2007 14:41:54 asdm711-k8.bin
 12 8312832 May 21 2007 13:29:08 asa722-k8.bin
 13 5623108 May 21 2007 13:31:26 asdm-522.bin

224886784 bytes available (30539776 bytes used)
 

[/box]

8. Set the new file as the default boot OS, and save the changes, then finally reboot the firewall.

[box]

Petes-ASA# configure terminal
 Petes-ASA(config)# boot system disk0:/asa911-k8.bin
 Petes-ASA(config)# write mem
 Building configuration...
 Cryptochecksum: b984ffbc dd77cdbf f2cd8d86 0b8f3f96

3965 bytes copied in 1.490 secs (3965 bytes/sec)
[OK]

Petes-ASA(config)# reload
Proceed with reload? [confirm]{Enter}
Petes-ASA#

***
*** — START GRACEFUL SHUTDOWN —
Shutting down isakmp
Shutting down webvpn
Shutting down License Controller
Shutting down File system

 

***
*** — SHUTDOWN NOW —

[/box]

9. The firewall will reboot, and load the new OS.

Related Articles, References, Credits, or External Links

NA