C00002e3 Security Accounts Manager Failed

In brief, My domain controller was showing STOP: C00002e3 Security Accounts Manager Initialization failed because of the following error: A Device attached to the system is no functioning. In addition to the above, Error Status: 0xc0000001. Please Click OK to shut down this system and reboot into Safe Mode, Check the Events log for more detailed information.”

Well, The problem statement was huge as Windows Server 2008 primary domain controller was hosted on a Virtual Machine. Therefore, I tried and was able to fix the issue. hopefully, this will work for you as well.

STOP C00002e3 Error on Domain Controller

In fact, I faced it on Windows Server 2008 based primary domain controller and it kept restarting before Login screen. During this, there was a mouse pointer and black screen before this primary domain controller restart. Off course, I rectify this on Windows Server 2008 based primary domain controller and troubleshoot this error in steps below:

• First, I manually restarted the Windows Server 2008 based primary domain controller.
  1. Then, I keep pressing F8 Function Key and Boot using “Last Known Good Configurations Mode”. Still, the C00002e3 error was not resolved. – Solution is not working
• Second, once again, I restarted the Windows Server 2008 based primary domain controller.
  1. After the restart, Then, I keep pressing F8 Function Key and Boot using “Safe-Mode”. Still, the C00002e3 error was not resolved, All options tried but it continues with same behavior.
• Third, To see the visual error, I restarted the Windows Server 2008 based primary domain controller.
  1. Now, I keep pressing F8 Function Key and Boot using “Disable Automatic Restart on System Failure Option”.
  2. After the domain controller virtual machine restart, this blue screen of death (BSoD) was shown with complete detailed information:

In addition to the above complete graphically error, I pasted the text for better understanding.

STOP: C00002e3 Security Accounts Manager Initialization failed because of the following error:

A Device attached to the system is no functioning.

Error Status: 0xc0000001.

Please Click OK to shut down this system and reboot into safe mode, check the events log for more detailed information.

Windows Server 2008 Domain Controller

Briefly, I confront this on Windows Server 2008 Primary Domain Controller. Subsequently, This domain controller was not booting up in Safe Mode, Last Know Good Configurations etc. Finally, “Active Directory Restore Mode” works well and and wow, It works for me. Now, I was able to login on Windows Server 2008 Primary Domain Controller with Directory Services Restore Mode (DSRM) Account.

To illustrate, Directory Services Restore Mode (DSRM) is a boot mode for repairing or recovering Active Directory Domain Services (AD DS). Now, Directory Services Restore Mode (DSRM) password is setup during the active directory initial setup. Equally important, DSRM password will be same domain administrator password. Well, it is because while initially setting up the active directory, we called it restore password. After the login, when I open Windows Events Viewer, I saw lot of Events about Active Directory failures.

Domain Controller Possible Scenarios

Specifically, there are few choices in this scenario (for me as well, as I have only one Domain Controller).

1. Domain Controllers Replication Service – Stop replication for all other domain controllers.
2. Manually Remove affected DC and Adds back after Metadata Cleanup.
3. Repair the NTDS.dit
4. Restore it from backup (Was the only choice for me)

As I mentioned, I restarted Domain Controller in “Active Directory Restore Mode”. But, after login on Windows Server 2008, I restored Active Directory on a Previous Date, I did as below:

• Locate the “Command Prompt” on your Windows Server 2008 Primary Domain Controller and “Run as Administrator”.
• Type WBADMIN /? To check complete commands list for the Restore.

• Before using System State Recovery, you need backups versions.
  • Namely, versions mean, all successful backups that can be used in recovery.
• Run the command wbadmin get versions to get the backup time, backup target, backup version identifier etc., as image below:

• Finally, I run the command below to recover active directory on most recent date.
  • wbadmin start systemstaterecovery –version:12/26/2011-17:30 –backupTarget:D: -machine:server1

In the end, This process may takes some times depending on the backup size and virtual machine’s specification. Besides all the efforts, it was successful and everything was working fine after reboot. Hopefully, this will help you as well.