When Active Directory (AD) isn’t working, the steps you’d typically follow would be to boot into Directory Services Restore Mode (DSRM) for repairing or recovering Active Directory. To access Directory Services Restore Mode, you typically press F8 prior to the machine booting into Windows, then select the Directory Services Restore Mode option from the menu that appears.
Tips: If you forgot DSRM password or domain admin password, you can reset the forgotten password easily with Reset Windows Password utility.
But sometimes you need to fix a problematic DC in a remote location, but nobody is close enough to troubleshot. Obviously, you can’t boot the domain controller into DSRM as usual. In this tutorial we’ll show you how to access Directory Services Restore Mode on a remote DC.
How to Access Directory Services Restore Mode on a Remote DC?
- On your machine, select Run from the Start menu, type Mstsc /console, and click OK.
- Type the IP address of the remote domain controller you want to connect to.
- Log on to the server using the Active Directory account.
- On the DC, right-click My Computer, click Properties, and then click the Advanced tab.
- Click Settings for startup and recovery.
- Click the Edit button to edit the startup options file.
- Modify the default entry to include the /SAFEBOOT:DSREPAIR switch, as shown in the following
example:multi(0)disk(0)rdisk(0)partition(2)\WINNT="W2K DC \\ your server name " /fastdetect /SAFEBOOT:DSREPAIR
- Save the modified Boot.ini file, and then close Notepad.
- Restart the domain controller.
- After waiting a few minutes, perform steps 1 and 2 again.
- When you reconnect, the server should state that it’s in Directory Services Restore Mode. Log on using the Local Administrator account (not the Active Directory account).
Once you have restarted the server in Directory Services Restore Mode, you are ready to begin the repairing or recovery process.