April 23, 2011, 6:59 p.m.
posted by trystan
Restarting a Domain Controller in Directory Services Restore Mode
You want to restart a domain controller in DS Restore Mode.
To enter DS Restore Mode, you must reboot the server at the console. Press F8 after the power-on self test (POST), which will bring up a menu, as shown in Figure. From the menu, select Directory Services Restore Mode.
The Active Directory database is live and locked by the system whenever a domain controller is booted into normal mode. If you want to perform integrity checks, restore part of the database or otherwise manipulate the Active Directory database in some way, you have to reboot into DS Restore Mode. In this mode, Active Directory does not start up and the database files (e.g., ntds.dit) are not locked.
It is not always practical to be logged into the console of the server when you need to reboot it into DS Restore Mode. You can work around this by modifying the boot.ini file for the server to automatically boot into DS Restore Mode after reboot. You can then use Terminal Services to log on to the machine remotely while it is in that mode. See MS KB 256588 for more information on how to enable this capability. Be careful if you try to access DS Restore Mode via Terminal Services. Unless you have configured everything properly, you may end up with the domain controller booted into DS Restore Mode and not be able to access it via Terminal Services.
MS KB 256588 (Using Terminal Services for Remote Administration of Windows 2000 DCs in Directory Service Restore Mode)