AD Corruption

[david902]

we're finally starting to test server 2003. Against the wishes of the IT team, management has decided to implement a single root/domain rather than a root domain and corporate domain for redundancy.

Since we're in the lab testing, the IT team wants to corrupt the AD on the test server and show management what we'd be up against duing a recovery without the redundancy of the root domain.

SO, what is the best/quickest way to corrupt an Active Directory?

 

[mrdenny]

Probably do an authoritice restore and pull the power cable half way through. That should corrupt the AD.

I'm not sure what redundancy the IT folks are talking about with a root domain and a seperate domain for corp.

Denny
MCSA (2003) / MCDBA (SQL 2000)

--Anything is possible. All it takes is a little research. (Me)

http://www.mrdenny.com

(Not quite so old any more.)

 

[adcfaq]

root and corp 2 domains are MSFT old implementation. Even MSFT folks believed they should convert to no empty root infrsatracture.

when talking about DRP(diszaster recovery plan), you may google a lot for AD. one gerenal rule is to have at least 2 DC on each domain and site.

---------------------------------------
Sr. Directory Services/Exchange Consultant

http://adcfaq.8m.com/

 

[dennisbbb]

Firstly, corrupted AD can be restored to original with AD Restore Mode, or a second DC.

To accomplish your orginal goal, do the following.

Create a 2 partition disk. Using Ghost or Acronis, image your server installation partition 1 into partition 2 of your disk, then edit boot.ini to reflect that. (i.e. default=multi(0)disk(0)rdisk(0)partition(2))

The system will boot, and complain that AD cannot be loaded successfully, so Netlogon cannot be loaded either. You simply cannot login. Win2k3 will then ask you to go to Restore Mode. You go to Restore Mode, and it will accept your Restore Mode password, only to loop you out into the login screen again. You now realize your system is toasted.