How To: Remove Hidden (Non-Present) Devices after an HIR Domain Controllers

Reference:
https://support.storagecraft.com/s/article/How-To-Remove-Hidden-Non-Present-Devices-after-an-HIR?language=en_US&ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=5


Apr 5, 2019•Troubleshooting


The 
2e2 error code means the directory services are not accessible via the operating system at the state it currently resides. There are many reasons for this error, including, but not limited to:
  • Data for Active Directory Domain Services (AD DS) has been spread across multiple drives and only the system drive has been restored (this is commonly seen when performing Advanced Verification via Image Manager)
  • The domain controller (DC) has bound to a specific hardware driver and is attempting to use the device during the boot process (this is commonly seen with hardware to virtual or Hardware Indepentent Restore situations)
  • Corruption of the ADS database has occurred

The HIR process often leaves behind device drivers that the DC had bound to when previously configured on the network; this may included disk controller and network interface card (NIC) drivers.

User-added image Domain Controllers are bound to a specific NIC during the ADS role addition process.
Resolution


To resolve the 2e2 error code, attempt the following steps in DSRM orActive Directory Restore Mode (dependent on OS). 

User-added image Domain controllers require special attention. When the first boot of a restored DC happens hit F8 and select DSRMor Active Directory Restore Mode, this ensures that AD DS will not run.

User-added image For NIC troubleshooting only: perform all the steps below and ensure that the correct IP address is configured to the local area network (LAN) interface; this may take up to two reboots. If this is not done, and the server is allowed to boot normally, it may sit at the “Preparing Network Connections” stage for a considerable amount of time and still fail.

  1. Boot the system to the Advanced Boot Options  menu and select "Directory Services Repair Mode"
User-added image
  1. Once the login screen appears, use the DSRM password created during the Domain Controller promotion process to access the system:

User-added image Attempting to login with the domain administrator account will fail due to Directory Services being disabled; if the DSRM password has been lost or forgotten, skip to the Enable Boot Logging section and remove drivers manually through the  File Explorer in the WinRE once identified.
  1. Open a command prompt with administrative privileges


User-added image Location of the Command Prompt varies by operating system, for this demonstration Server 2016 is used.

User-added image

  1.  At the command prompt, type the following lines (press "ENTER" after each line):
 
set devmgr_show_nonpresent_devices=1
User-added image  cd %SystemRoot%\System32 User-added image  devmgmt.msc User-added image  
  1. In Device Manager go to "View" then "Show hidden devices" 
 
User-added image
  1. Navigate to the device driver sections of the components that may be affecting the system boot process; for example the "Network Adapters" section.
 
User-added image
  1. Locate any greyed out or faintly outlined devices. These devices are not present and can safely be removed by right-clicking on them and selecting "Uninstall" 

User-added image


User-added image The system for this demo is a VM in a healthy state, otherwise there would be grayed out devices in the "Network Adapters" section of Device Manager.

Additonal Troubleshooting: "Enable Boot Logging"


One option that may assist with booting to a stable configuration is running HIR for a second time on the system drive; this may remove drivers that it didn't delete previously. If running HIR fails to fix the issue, boot to the recovery menu; there are circumstances when reaching "Safe Mode" or "DSRM" fails, (e.g. forgotten DSRM password, corruption in the recovery partition, a system driver used during boot fails and access to Safe Mode bluescreens the system, etc.). The best next step is starting "Enable Boot Logging" mode via the F8 Recovery Menu which creates a "ntbtlog.txt" file accessible in the StorageCraft Recovery Environment. The log file references the failure point and assists with identifying the driver causing the BSOD as the log file generated stops when the driver breaks the normal boot-cycle.

User-added image

  1. After the first boot cycle after failure, boot into the WinRE, then select "File Browser" in the left hand Tools menu:

User-added image

  1. Once selected, click "This PC" in the Explorer window:

User-added image

  1. Now select the system volume (usually driver letter C):

User-added image

  1. Now select the "Windows" folder and scroll down to the bottom of the directory to ntbtlog.txt:

User-added image

  1. Select the log file and press ctrl + end to navigate to the end/failure point:
 

User-added image

If the issue persists StorageCraft is unable to further assist as this relates to Microsoft components; please reach out to Microsoft for further troubleshooting steps.