Introduction to Boot Options for Windows Server 2003
Windows Server 2003 has inherited the Windows 95 and XP's ability to interrupt the boot sequence by
pressing F8. This is a handy boot option for disaster recovery, for example, when you need to disable a driver or perform an Authoritative Restore.
Suppose the Windows server will not boot up. You may get a stop error message,
alternatively, it may get a black screen which says, cannot find xyz.com file.
Under these dire circumstances, your best bet is to reboot and press F8. I
urge you to run through these options when you are calm and can make rational
decisions, because when disaster strikes, the heart races and you need the
comfort of familiar menus and procedures. Therefore, practice boot options with F8.
Safe Mode (Safe Mode with Networking, Safe Mode Command Prompt)
VGA Mode
Last Known good (LKG)
Directory Services Restore
Network security is complex. As an MCT trainer, I can thoroughly recommend
TrainSignal because they
provide practical hands on training. In particular, I like the way TrainSignal cover all learning methods, instructor lead, video and of course text material. You can either take one module, for example
Network Security or go for
a combination of modules.
See more about Network Security training here
1. Safe mode
Those coming to Windows Server 2003 from NT 4.0, will be impressed with all the options revealed by
pressing F8 on boot up; those who know Windows 98 will find old friends on the
menu. There are variation like Safe Mode with Networking, however I find the plain Safe
mode is the best option when you begin troubleshooting. The main use of Safe mode is to correct configuration errors so that you can try another normal
boot. Remember the first question to ask in troubleshooting is 'What was
the last setting to change?'. Incidentally, never waste time asking who made that fatal change because I can tell you the answer from here - it's always Mr Nobody.
A good point about safe mode is that you still preserve the option to try the Last Known
Good.
2. VGA Mode
This is useful in two scenarios: a) You inadvertently install an incompatible
monitor driver b) Some nutter (Mr Nobody?) tries a variation of black writing on a black
background.
3. Last Known Good (LKG)
This option is used in one specialist situation, you have just installed a rogue
driver which you are pretty sure is preventing the Windows Server 2003 machine from booting. If you did
something that changed the registry, then you can revert to a spare control set.
Beware, the moment you logon, Windows creates a new Last Known Good, as a result you would lose the previous LKG. The time to consider the LKG option is if you have
just installed a new device and you see an error message 'One or more services
failed to start'. In this situation DO NOT LOGON, power off, restart,
press F8 and select Last Known Good from the menu.
▫
4. Directory Services Restore - NTDSUTIL
The scenario: Someone has just deleted a complete OU from your Windows Server
2003 Active Directory.
The problem is that a normal restore will not work under these circumstances.
What will happen is that other Windows 2003 domain controllers will have later Update System
Number and over write the restore, and delete the OU, so you are back where you started.
What you need in this situation is the Directory Restore option from the F8
menu.
To prepare for a Directory Service Restore, first complete a normal restore
and take the Windows Server 2003 offline. Then reboot, select the special
Directory Service Restore mode at the F8 menu. Next run NTDSUTIL to tell
Active Directory not to over-write the OU that you wish to recover.
That last paragraph is easy for me to write, but in reality NTDSUTIL is a
difficult utility to use. Time spent practicing with NTDSUTIL will repay
many times when you have to make a disaster recovery. In addition you need
to understand LDAP because you need to issue a command to only restore the
faulty part of Active Directory, in this case the OU that was deleted.
When you are trying to boot a reluctant Windows 2003 server, CMDCONS is another string to
your bow.
Highly organized administrators run Winnt32 /cmdcons which installs about 8MB of files that make up the System Recovery Console. Fortunately should you forget to run CMDCONS
ahead of the boot problem, then you can still boot from Windows Server 2003 CD and access System Recover
from that
Server CD.
If the
system will not start due to a corrupted file, CMDCONS gives you tools to
copy replacement files from CD. When you select System Recovery, it drops
you into a DOS like shell where you can also issue commands to enable or disable
services that are preventing a clean boot.
Trap: The password for this account is stored in the SAM database. This is sometimes called the DSRM (Directory Services Restore Mode) accounts. My point this administrator account will almost certainly
have a different password from the regular domain
administrator account. This is how your reset that DSRM / special / other / SAM administrator's password.
Challenge: Install and test CMDCONS. My point is that time spent
practicing with CMDCONS will repay handsomely when it comes to using the
Recovery Console in
anger. In particular you may be surprised how difficult it is to logon as
administrator.
Event Viewer. If you are able to start in safe mode, then the first program to open is the
event viewer to check the logs. There is also a little know script called EventQuery.vbs /auxsource which you run from the command prompt.
System Configuration Utility - Msconfig.exe Sys.ini etc
System Information. Programs, Accessories, System Tools
Missing or corrupt file - System File Checker - sfc
System Icon, Hardware, Device Manager, Device, Properties, Roll Back
System Icon, Advanced, Startup and Recovery options
