This article describes how to perform a disaster recovery restoration of the Microsoft Windows 2000 Active Directory domain controller on a computer that has a different hardware configuration from that of the computer where you performed the Active Directory backup.

You may have to use this procedure if no other domain controllers exist and if no computers with a hardware configuration that is similar to that of the failed domain controller are available. This article applies to computers that are running Windows 2000 Service Pack 2 (SP2) or later at the time that the backup operation was performed.

Warning The procedure that is described in this article is intended for disaster recovery of a single domain when no other domain controllers are available. This procedure is not intended as a means to move domain controllers from old hardware operating systems to new hardware operating systems in a multiple-domain environment. It is intended for use only when disaster recovery is required. After you recover the domain controller, do not keep the recovered domain controller in production. The purpose of this recovery is to restore Active Directory functionality and to bring new domain controllers online. After a new domain controller is online, demote the recovered server, remove it from the domain, and then reinstall Windows.

To perform a disaster recovery restoration of the Windows 2000 Active Directory domain controller on a computer with different hardware from the computer where you performed the backup, follow these steps.WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

1.	Perform a full backup of the domain controller, including the system state and the drive that contains the system volume.
2.	On the new computer, perform a clean installation of Windows 2000 as a stand-alone server in a workgroup. Note The file system, the installation drive, and the Windows installation folder name must be the same as the server that is being restored (for example, C:\Winnt or D:\Winnt35). Also, recovery results are generally better when the computer that you are restoring has a video bus that is similar to the one on the computer where the backup was made. For example, if the original system uses an AGP bus, and you are restoring to a system that uses a PCI video bus, the recovery may be difficult.
3.	Perform the disaster recovery restoration. To do so, follow these steps: a. Click Start, point to Programs, point to Accessories, point to System Tools, and then click Backup. b. Click Restore Wizard, and then in the Restore Wizard dialog box, click Next. c. Click Import File, click Browse, locate the disk where you saved the backup file, and then click Open. d. Click OK. e. In the What to restore list, click to select the computer partition check box and the System State check box that you want to restore. f. Click Next, and then click Advanced. g. In the Restore files to list, click Original location, and then click Next. h. Click Always replace the file on disk, and then click Next. i. Follow the remaining steps in the Restore Wizard to complete the disaster recovery restoration. j. In the restored domain controller, change the BurFlags value to d4. To do so, follow these steps: 1. Click Start, and then click Run. 2. In the Open box, type regedit, and then click OK. 3. In the left pane, expand My Computer. 4. Expand HKEY_LOCAL_MACHINE, and then expand SYSTEM. 5. Expand CurrentControlSet, and then expand Services. 6. Expand NtFrs, and then expand Parameters. 7. Expand Backup/Restore, and then click Process at Startup. 8. In the right pane, right-click BurFlags, and then click Modify. 9. In the Value data box, type d4, and then click OK. Note If the restored domain controller’s BurFlags value is not changed to d4, sysvol does not share out. After the disaster recovery restoration process is completed successfully, the following three scenarios are possible: • Scenario 1: Windows starts successfully. • Scenario 2: Windows stops responding, or hangs, when you try to start it, but it starts successfully when you select the Safe Mode option. This behavior occurs because of the bus architecture chipset or because of an incompatible driver in the new computer. You may have to run an in-place repair or an upgrade operation. • Scenario 3: The computer stops responding in Start Windows Normally mode and in safe mode. You must run an in-place repair or an upgrade. This is typically caused by a mismatched hardware abstraction layer (HAL). You may have to press F7 during Windows startup to force the standard version of the HAL for the operating system to start successfully. To resolve the issues that are described in scenarios 2 and 3, perform an in-place upgrade repair. To do this, follow these steps: a. Start the computer by using the Windows 2000 CD-ROM. The repair operation begins after you accept the license agreement and after the Setup program searches for previous installations of Windows to repair. b. When the Setup program finds the damaged installation, press R to repair the selected installation. the Setup program re-enumerates your computer's hardware (including the HAL) and performs an in-place upgrade while maintaining your programs and user settings. This procedure also refreshes the %SystemRoot%\Repair folder with accurate information that you can use for repair operations. For additional information about how to turn off the Advanced Configuration and Power Interface (ACPI) by pressing F7 during the in-place upgrade repair, click the following article number to view the article in the Microsoft Knowledge Base: 237556 (http://support.microsoft.com/kb/237556/) How to troubleshoot Windows 2000 Hardware Abstraction Layer issues Note If the in-place repair operation is not successful, and if Windows restarts after every power-on self test (POST), start the computer by using the recovery console, and then run the following command to disable the ACPI: disable acpi After the ACPI has been disabled, restart the in-place repair. To force Windows to use the Standard PC HAL, press F7 when you are prompted with the following: Press F6 if you safe install a third-party SCSI or RAID driver. After the repair or the upgrade operation starts, and after the Setup program proceeds to the graphical user interface (GUI) part of Windows Setup, Windows typically installs successfully. Important When the Optional Components dialog box appears in the GUI part of the Setup process, make sure that the DNS check box is selected under Networking Components. Additionally, make sure that the SMTP check box is selected under Internet Information Services. When the SMTP check box is selected, the following dependent services are also installed under Internet Information Services (IIS): • Common Files • Internet Information Services Snap-in • World Wide Web Server Note If Microsoft Exchange Server is installed, do not click to select the SMTP Service check box under Internet Information Services. Exchange Server supplies the SMTP service installation in this case. However, Active Directory requires that you install the other IIS items -- for example, Common Files, Internet Information Services Snap-in, and World Wide Web Server. If a DNS installation that supports the dynamic update protocol is on a separate member server in the domain, you must install the DNS option of the Optional Components during the in-place upgrade process of the Windows 2000 domain controller that is being recovered. This is required primarily because the network adapter that Active Directory was previously bound to is, in effect, removed. The new network adapter will retain the current protocols, but their settings are lost, and you cannot reconfigure these options in an in-place upgrade and repair operation. If the domain controller does not have access to a DNS server that supports the dynamic update protocol during the upgrade and repair process, none of the Directory Service components are restored. You can see this in Event Viewer by noting all the missing event logs that are related to Active Directory. Only the system log, the application log, and the security log are displayed. Therefore, DNS must be installed on a domain controller that is undergoing an in-place repair and upgrade on different hardware. On similar hardware, this is typically not an issue because the network adapter is the same and because all protocol settings are retained.
4.	After the in-place upgrade and repair operation is complete, start Registry Editor, and then verify that the ClientProtocols key is located under the following registry subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc To do so, follow these steps: a. Click Start, and then click Run. b. In the Open box, type regedit, and then click OK. c. In the left pane, expand My Computer. d. Expand HKEY_LOCAL_MACHINE, and then expand SOFTWARE. e. Expand Microsoft, and then expand Rpc. If the ClientProtocolskey is missing, the network adapter that is used for the restoration is different from the adapter of the original server. The ClientProtocols key is deleted when a network adapter is unexpectedly removed from a server. Without the ClientProtocols registry key and the values that it contains, there is no network connectivity. If the ClientProtocolskey is missing, you can manually re-create it with all the values that it contains, or you can use Registry Editor to import it from another Windows 2000 domain controller. • To export the ClientProtocols key from another Windows 2000 domain controller, follow these steps: a. Click Start, and then click Run. b. In the Open box, type regedit, and then click OK. c. In the left pane, expand My Computer. d. Expand HKEY_LOCAL_MACHINE, and then expand SOFTWARE. e. Expand Microsoft, and then expand Rpc. f. Click ClientProtocols. g. On the Registry menu, click Export Registry File. h. In the Save in list, select a removable media device or a network share. i. In the File name box, type the file name, and then click Save. j. On the recovered server, double-click the .reg file to import the registry key. • To manually re-create the ClientProtocols key and its values, follow these steps: a. Click Start, and then click Run. b. In the Open box, type regedit, and then click OK. c. In the left pane, expand My Computer. d. Expand HKEY_LOCAL_MACHINE, and then expand SOFTWARE. e. Expand Microsoft, and then expand Rpc. f. Right-click Rpc, point to New, and then click Key. g. Type ClientProtocols. h. Right-click ClientProtocols, point to New, and then click String Value. i. In the right pane, type ncacn_http for the Value name. j. Right-click ncacn_http, and then click Modify. k. In the Value data box, type rpcrt4.dll, and then click OK. l. Repeat steps h through k to create the following registry values in the ClientProtocols registry key:   Value name Value type Value data ncacn_ip_tcp REG_SZ rpcrt4.dll ncacn_nb_tcp REG_SZ rpcrt4.dll ncacn_ip_udp REG_SZ rpcrt4.dll ncacn_np REG_SZ rpcrt4.dll
5.	Restart the server.
6.	Reconfigure the server's Internet Protocol (IP) settings so that the Preferred DNS server points to its own IP address. If DNS is configured on a separate Windows 2000 member server, you can point the primary DNS to the DNS member server, and you can remove DNS from the recovered domain controller after you restart the server in step 9 later in this article.
7.	Start the DNS utility, right-click the server, and then click Properties. View the entries on each tab to make sure that they are correct. When you are finished, click OK.
8.	Under the server name, expand Forward Lookup Zones, right-click the zone that applies to you, and then click Properties. On the General tab, verify that the Yes option is selected next to Allow dynamic updates. Note By configuring DNS to accept dynamic updates, you make sure that the correct records for Active Directory are re-created when you start Windows or at the next restart of the Net Logon service.
9.	Restart the server, and then run DCDiag.exe from the command line to search for errors. For additional information about how to use DCDiag.exe, click the following article number to view the article in the Microsoft Knowledge Base: 265706 (http://support.microsoft.com/kb/265706/) DCDiag and NetDiag in Windows 2000 facilitate domain join and DC creation You can expect to see system log errors in the DCDiag.exe output because of the nature of the activities that are occurring on the computer. Any other errors must be analyzed and possibly referred to a Microsoft Product Support Professional for additional troubleshooting.
10.	Unless the domain controller that you restored managed all five roles as an operations master, you must manage these roles to fully recover the Active Directory. An operations master is also known as flexible single master operations or FSMO controller. Note If you are denied access to the GUI-based tools, manage the roles through the command-line utility, Ntdsutil.exe. For additional information about how to use Ntdsutil.exe, click the following article number to view the article in the Microsoft Knowledge Base: 255504 (http://support.microsoft.com/kb/255504/) Using Ntdsutil.exe to seize or transfer FSMO roles to a domain controller

For information about metadata cleanup of servers, visit the following Microsoft Web site: For additional information about the Recovery Console, click the following article number to view the article in the Microsoft Knowledge Base: For additional information about moving Windows 2000, click the following article number to view the article in the Microsoft Knowledge Base: For additional information about how to perform an in-place upgrade to Windows 2000, click the following article number to view the article in the Microsoft Knowledge Base: