Description
I've been trying to get DSInternals working to perform some password auditing but have encountered this error and am unsure where to go from here.
I started by creating a Shadow copy of the C: drive on my DC, which is running Server 2016 Datacenter, and copied the ntds.dit file from the shadow copy.
I then extracted the system hive from the DC using the command reg save HKLM\SYSTEM.
I copied both files to my Windows 10 computer and ran the following:
$key = Get-Bootkey -SystemHiveFilePath C:\temp\sys
Get-ADDBAccount -All -BootKey $key -DBPath C:\Temp\ntds.dit
Which resulted in this error:
Get-ADDBAccount : There was a problem reading the database, which probably comes from a different OS. Try defragmenting it first by running the 'esentutl /d ntds.dit' command.
At line:1 char:1
+ Get-ADDBAccount -All -BootKey $key -DBPath C:\Temp\ntds.dit
+
    + CategoryInfo          : OpenError: (:) [Get-ADDBAccount], InvalidDatabaseStateException
    + FullyQualifiedErrorId : DBContextError,DSInternals.PowerShell.Commands.GetADDBAccountCommand
I defragged the database as suggested and tried again with the same results. I have also attempted this on a system running Server 2016 Datacenter and another system running Server 2022, but all attempts have resulted in the same error.
I saw a suggestion that the system hive should be exported from the same shadow copy as the ntds.dit file, so I tried that, but when I tried to use this as the bootkey it gave me an error that the registry database is corrupt:
PS C:\Windows\system32> $key = Get-Bootkey -SystemHiveFilePath C:\temp\SYSTEM
Get-Bootkey : The configuration registry database is corrupt
At line:1 char:8
+ $key = Get-Bootkey -SystemHiveFilePath C:\temp\SYSTEM
+        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (C:\temp\SYSTEM:String) [Get-BootKey], Win32Exception
    + FullyQualifiedErrorId : GetBootKey_Win32Error,DSInternals.PowerShell.Commands.GetBootKeyCommand