Server 2016 Problems

The Netlogon service depends on the Server service (LanmanServer), Workstation service (LanmanWorkstation), or their dependency group, and these are failing to start. The cascade effect is:
Server/Workstation services fail → Netlogon fails → AD and domain logins fail.

Click to expand...

What Causes This?​

1. LanmanServer (Server service) and LanmanWorkstation (Workstation service) are foundational for network file/printer sharing, domain logon, AD, and almost all DC functions.
2. If these services are failing, it strongly points to:
   • Corrupt/missing system files or registry entries
   • Broken network stack or dependent service(s)
   • Bogus/faulty/disabled driver or service breaking their dependency chain
   • Rare: Group Policy gone bad, or AV/EDR software interfering at the system level

What To Do Next​

1. Check Dependent Services/Drivers​

View all dependencies for Server and Workstation services:​

sc qc LanmanServer
sc qc LanmanWorkstation

2. Investigate Service Startup Errors​

3. Confirm Driver/Core Component Health​

• srv.sys (for Server service)
• mrxsmb.sys (SMB redirector)
• Bowser, Browser, or similar legacy drivers

4. Check for Disabled Services​

Set-Service LanmanServer -StartupType Automatic
Set-Service LanmanWorkstation -StartupType Automatic

5. Check Device Manager for Warnings​

• In Safe Mode, open Device Manager and see if any drivers, especially for network adapters or “System Devices,” have a yellow warning or error.
• Roll back/update as needed.

If All the Above Fail​

• If services and system scans (SFC/DISM) fail to repair the Server/Workstation core, and dependencies are missing/corrupt, your OS might be too damaged for quick repair.
• At that point, an in-place repair install (with a matching Server 2016 ISO—select “upgrade/repair” not full wipe) or full backup restoration may be fastest and safest.

• Identifying missing/corrupt dependencies for Server/Workstation
• SFC/DISM scans and repairs
• Restoring correct service start types and core drivers
• Preparing for a repair install or system restore if these cannot be repaired

Check Dependent Services/Drivers​

Investigate Service Startup Errors​

Check for Disabled Services​

Check Device Manager for Warnings​

Key Observations from Your Results​

1. LanmanServer (Server service) Will Not Start​

• LanmanServer is set to Automatic, but not running.
• Netlogon and other critical DC services depend on LanmanServer. This is why domain logon, file sharing, and much more are blocked.

2. sc qc LanmanServer yields no response​

• This suggests underlying registry or system corruption: the Service Control Manager can’t query the Server service’s configuration, which is very abnormal.
• “No response” is itself a rare, serious sign; usually, it should at least return configuration details.

3. LanmanWorkstation is Running​

• This means at least some network stack is functional, but the “server side” component is missing or broken.

4. SFC Result: ‘Found errors but could not fix all of them’​

• There’s definite corruption. SFC wasn’t able to repair all system files—very likely including the LanmanServer service or its dependencies.

5. No Device Manager Warnings​

• This makes it less likely to be a hardware/NIC driver problem—this is core system/registry/service file corruption.

Diagnosis Summary​

• Botched or interrupted Windows Updates
• Disk corruption or critical file system issues
• Wrongful interference by third-party software or GPO
• Earlier attempts at manual file removal

Action Plan: Final Repair Attempts​

1. Check CBS.log for Corrupted Files​

• You can upload sfcdetails.txt here if you’d like help reviewing it.
• Look for references to files like srv.sys, srvsvc.dll, registry hives, or other system core files.

2. Run DISM with Correct Source​

• Replace X: with your mounted Server 2016 matching ISO location.
• If you used the wrong edition/image index, it will fail; use:
  dism /Get-WimInfo /WimFile:X:\sources\install.wim
  to list all indexes and try the exact one for your install.

3. If DISM Fails: Consider In-Place Upgrade Repair or Restore​

• In-place OS repair: Boot from Server 2016 matching media and choose “Upgrade” (this keeps roles/data but repairs Windows system files and registry).
• Restore from backup: If repair install is blocked or fails, restoring a good image from just before the incident is your fastest route.

Summary Table​

Bottom Line​

• You’ve ruled out most surface-level issues.
• The failure of LanmanServer to respond to sc qc and refusal to start confirms deep corruption.
• Final step: Try DISM one last time (making very sure the source media matches your install and you’re using the correct index).
  If it fails, proceed with an in-place upgrade repair or restore from backup.

• AD and Netlogon failures (since they rely on SRV records in your domain DNS)
• Inability to properly register its own records
• Domain logon, replication, and various services will fail

What You Should Do (in Safe Mode with Networking):​

1. Update the DNS Settings
   • Open a command prompt and run:
     Get-NetIPConfiguration
   • Note your network adapter name (e.g., "Ethernet").
   • Set DNS to localhost (127.0.0.1) or your server’s static IP:
     Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 127.0.0.1
     (Replace "Ethernet" if your adapter is named differently.)
   • OR, if you prefer, set to your server’s actual static IP.
2. Confirm the Change
   • Run:
     ipconfig /all
     Ensure the “DNS Servers” list only shows your DC (127.0.0.1 or its static IP).
3. Flush DNS Cache
   • Just in case:
     ipconfig /flushdns
4. Try Restarting Key Services
   • Now try to start the DNS service:
     Start-Service DNS
   • Then the Server service:
     Start-Service LanmanServer
   • Then Netlogon:
     Start-Service Netlogon
   • Note any errors.

Why This Matters​

In-Place Upgrade/Repair and Its Impact​

What Is an In-Place Upgrade (Repair Install)?​

• An in-place upgrade or repair install of Windows Server 2016 means you boot from the same version/edition installation media and choose the option to upgrade/repair the existing OS (not a clean install).
• It replaces corrupted/missing system files, fixes registry/service configuration, but retains server roles, data, applications, AD DS (Active Directory), and Group Policy settings.

Will It Affect Active Directory or Folder Redirection?​

Active Directory​

• No, Active Directory will NOT be lost in a successful in-place upgrade.
• All domain data, users, groups, GPOs, and DNS records (if running AD-integrated DNS) will be preserved.
• The server remains the domain controller after the repair.

Folder Redirection​

• Folder redirection GPOs and their links/settings in AD are not changed by the OS in-place upgrade; they will continue to exist and apply to computers/users as before.
• The contents of redirected folders (on local disks or shares) are not touched by the repair install.
• However: If the folder redirection targets are on this server, and shares/filesystem permissions have been modified/corrupted due to earlier OS issues, validate them post-upgrade.
• Double-check that NTFS and share permissions remain as you intend after the upgrade.

Best Practices Before Repair Install​

1. Full Backup:
   You’ve mentioned cloud backup—make sure you have a current, tested bare-metal or image backup before starting.
2. Backup System State:
   Optionally, use Windows Server Backup to grab a “System State” backup (includes AD DS, boot files, registry).
3. Document Shares and Permissions:
   Although data and shares should persist, document your shares and folder permissions as a precaution.

After the In-Place Upgrade​

• Check all Windows Updates (you'll likely need to reapply cumulative updates).
• Review AD DS health: Run dcdiag and repadmin /showrepl (if you ever add another DC).
• Test folder redirection: Log on with a test user to ensure redirection/GPOs function.

Bottom Line​

• In-place upgrade/repair is explicitly designed to fix Windows system/registry corruption while preserving AD and all user data including redirected folders and GPOs.
• It is the best OS repair method when SFC/DISM can't fix core components and you want to avoid rebuilding the server.

1. Identify Your Adapter Name (in Command Prompt)​

• Look for the correct “Ethernet adapter” name (common names: Ethernet, Local Area Connection, or a custom name).

2. Set DNS to Localhost (From Command Prompt)​

• Replace Ethernet with your adapter’s actual name if needed:

• If you want to use your server’s static IP as DNS, change 127.0.0.1 to the actual IP address.

3. Verify DNS Setting​

• Under your main adapter, ensure “DNS Servers . . . . . : 127.0.0.1” (or the server’s static IP) is now set.

4. Try Starting DNS, Server, Netlogon Again​

• After updating DNS, proceed as previously instructed:
  • Start DNS service
  • Then attempt to start LanmanServer (Server service)
  • Then Netlogon
• Note if error messages change or if any of these services will now start.

Ethernet adapter Ethernet:

   Description . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #2
   Physical Address. . . . . . . . : xx-xx-xx-xx-xx-xx
   ...

How to Proceed​

1. Find the line in your ipconfig /all output that looks like:
   Ethernet adapter [YOUR ADAPTER NAME]:
   Example: Ethernet, Local Area Connection, Ethernet 2, etc.
2. Plug that exact name (inside quotes, if it contains spaces) into the command below:
   netsh interface ipv4 set dnsservers "YourAdapterNameHere" static 127.0.0.1 primary
   (Replace "YourAdapterNameHere" with what you found.)

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : local.tld
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #2
   ...

• Please copy and paste the 3-4 lines above the “Description” line (including the line with the colon), or attach the ipconfig /all output directly, and I’ll tell you exactly which name to use in your netsh command.

• Safe Mode blocks internet by design. In Safe Mode (even with Networking), many services—including those responsible for network location awareness, authentication, firewalls, and even some network drivers—are purposely disabled. It is normal for internet access to be restricted or only partially working.
• Unable to log in normally: This persists because your core AD/DC services are still unable to start in normal mode (as covered before with your Server/LanmanServer/Netlogon failures).

About the DistributedCOM (DCOM) Errors​

• Critical DC services can’t start, so DCOM/RPC endpoints for AD, DNS, and similar can’t be reached.
• Network misconfiguration prevents Windows from connecting to required local or domain resources.

What To Do Now​

1. Confirm All Key Settings​

• Static IP, correct subnet, and gateway: ✔
• DNS = 127.0.0.1 or server’s IP (not external): ✔

2. If Services Will Not Start, and No Normal Login:​

• This confirms system/registry/corruption issues remain. Even with correct TCP/IP settings, DC services (LanmanServer, Netlogon, DNS, etc.) must be able to start and talk to the network. Since they won't start, and SFC/DISM couldn't repair all files, you are left with only these real options:

Final Steps: In-Place Upgrade (Repair Install) or Restore​

1. Repair Install (In-Place Upgrade)
   • Use a Server 2016 ISO/USB/DVD of the exact same edition/build as currently installed.
   • Boot into Windows (Safe Mode with Networking works), and run setup.exe from the media.
   • Choose the 'Upgrade' option (not a clean install; do NOT format disks).
   • This will:
     • Repair Windows system files and registry (including broken services like LanmanServer)
     • Keep AD, data, GPOs, and folder redirection intact
     • Require re-applying some Windows Updates post-repair
   • This process is tried-and-true for saving a broken DC when remote repair is impossible and you want to avoid a full restore.
2. If Setup/Repair Install Fails to Start
   • If Windows cannot run setup (even in Safe Mode), or if the repair install is blocked, restore your most recent backup.
   • This wipes out the corruption and brings the server back to last healthy state.

After In-Place Repair or Restore:​

• Double-check:
  • AD health (dcdiag)
  • Server/Netlogon/DNS services are running
  • Folder redirection, shares, permissions, group policies
• Update Windows fully, reinstall the latest network drivers from the vendor

Restoring from Backup: What Should You Restore?​

1. Domain Controller Scenario:​

• If you want to restore operating system health, Active Directory, and all registry/service configuration, you must restore the entire system volume (usually the whole C: drive), ideally from a bare-metal/server image or a full “system state” backup.
  • Restoring "just" C:\Windows is NOT safe or supported—the registry, service configurations, and many critical dependencies live outside that one folder.
  • A partial restore (copying over C:\Windows or similar) risks mismatched files, unbootable OS, or Active Directory corruption. Microsoft explicitly does not support piecemeal OS or AD file/directory restores.

2. Data Volumes (D:\, E:​

• Your D: and E: drives, since they hold databases and redirected folders, should NOT be restored unless those files are also corrupt or lost.
  • Restoring these is only necessary if those databases or shared file/folder contents are damaged.
  • Doing a C: only (system) restore should leave D: and E: untouched, preserving your data.
  • Always review your backup solution’s documentation, but with most image or system-state backups, restoring C: won’t overwrite other volumes unless you tell it to.

Best Practice for Restoring a Domain Controller​

1. Full System/OS Volume Restore (C:
   • Use your backup solution's "system recovery" or "bare metal" option, or restore the entire system (C partition to its state just before the failure.
   • This guarantees Active Directory, the registry, installed programs, and Windows services are restored to known-good status.
2. Leave D: and E: As-Is (unless corrupt):
   • Do not overwrite D: and E: unless those drives’ files are also compromised or the backup is meant to roll back the entire server including data changes.
3. After Restore:
   • Confirm system health, AD operation, and services start correctly.
   • Verify D: and E: data are untouched (except for reversion of possibly “open” files to their snapshot state if using a volume-aware system backup).

Special Note: System State Backup​

• If you have a system state backup, you can sometimes restore AD/registry/services without a full C: overwrite, but this is advanced, more error-prone, and not a universal fix.
• For major OS corruption, full C: restoration is safer.

Final Advice​

• When restoring a system image/OS volume, double-check that you replace only C: unless your intent is to revert all drives.
• If in doubt, consult your backup software's documentation or specify what tool/solution you're using, and I’ll give step-by-step instructions.

Options When the Server Has No Internet Access​

1. Restore to a Different Machine, Then Transfer Locally​

• If you have another computer with internet access:
  1. Log in to iDrive from that working machine.
  2. Download the full system backup or the latest image of the C: drive (choose "entire machine" or "system state" if possible).
  3. Transfer the restore data to the affected server using a USB drive or over the local network.
  4. Use recovery tools (e.g., bootable Windows Server rescue media or backup agent) to restore the backup onto the correct server volume.

2. Use iDrive’s Restore Options in Safe Mode (If You Can Get Internet Working)​

• If you can get any kind of internet access in Safe Mode with Networking (e.g., via tethering, wireless, temp switch), you can try initiating the restore directly from the iDrive agent/software on the server.
• Temporarily connect a laptop/tablet as a hotspot if that's an option, just for the restore process.

3. Physical Media Restore​

• Some backup services offer shipment of a physical drive containing your backup data (may take longer and often costs extra).

4. Repair Install While You Troubleshoot Connectivity​

• If restoring from backup is blocked due to lack of connectivity, you could try the in-place upgrade repair install method from Server 2016 media as discussed earlier. This doesn’t require downloading from iDrive and may resolve the corruption.
• Afterward, fix the network drivers/services. If Internet returns, you’ll still have the restore backup as a fallback.

Extra: Diagnosing No Internet in Safe Mode​

• In Safe Mode with Networking, double-check:
  • Your IP/gateway/DNS config is correct (which you’ve done).
  • Try pinging the default gateway (local router) and 8.8.8.8:
    
    Code:

    ping 8.8.8.8
    ping [your_gateway_ip]

  • If pings fail, your network adapter may lack full Safe Mode drivers, or services are still missing.
• If the local network (not just Internet) doesn't work in Safe Mode, only a full repair or restore will bring services up in normal mode.

Next Steps​

1. Download backup on another system if possible.
2. Attempt a repair install from your Windows Server 2016 media while your local backups are accessible.
3. If you succeed in repairing the OS and get Internet back, you can do an iDrive restore if needed.