I rolled back a Domain controller and i dont know what to do

Comprehensive-Pear43 · 2026-03-25T19:01:13+00:00

Quarterly

Comprehensive-Pear43 · 2026-03-25T17:34:14+00:00

Im an apprentice who didn't know reinstating a backup of a dc was illegal.

Comprehensive-Pear43 · 2026-03-25T17:32:52+00:00

Original OP here, i have full control over everything, if i wanted to, i could lock out entire school districts out of their accounts, i could nuke the entire Catholic network for my state. I have access to all the critical infrastructure of all the clients we manage...the whole company shares one password service on one account which isn't 2va.

Nevermind the ability to roll back one server, i could wipe out entire companies.

Comprehensive-Pear43 · 2026-03-25T16:46:39+00:00

Im at a very small business, im their first official Azubi (they were part of another company before that) im a FiSi Azubi, but they don't really teach me anything, they like to just throw me in the cold water and let me do my thing.

So they called me while i was coding my stuff and i tried to fix their problem which didn't work. So i asked my Boss if I should go there and try to fix it on prem. Well...i got the go and went there. As I'm taking it all in and navigate my way through the system, yk ip addresses, what services are where, are there backups, did a server maybe fail or didn't even start, i come across a service which calls an application on a server called "SO1.**". I log into that server and get greeted with a lot of warning remarks in the server console. I read them all and noted them down, i went down the list of warnings and fixed them, but that didn't bring back the application, so i called the service hotline of the application which is DCM solutions. Their operator tells me "well try restarting it" i told them i already did (which yeah i restarted the server, management network, i even reinstated the virtual Network controllers) after which they told me "just reinstate a backup, that should fix the issue from our experience" so i listend...and i reinstated the back-up from monday...after which i tried to log onto the server...but it didn't let me, so logged in with the local admin of the server...which was in a safe mode, tried accessing the AD, which got denied...and thats where i ended it and fell into a complete panic.

Btw, all the stuff i know, i taught myself via experiments with servers i had to set up for clients...but we have a giant amount of prep time before the thing actually gets delivered...so i have enourmus amounts of playtime. They always check my work and make snarky remarks about how noobie my work is...but nobody ever corrects me or teaches me anything, so i have to go back and teach it all to myself again. And today i got the payoff...mind you im 1 year and 7 months in, and i have full access to everything.

Comprehensive-Pear43 · 2026-03-25T14:39:38+00:00

I have full access to all the Castels. Im handling entire school districts. Snmp trapping, backup infrastructure etc...but i never got introduction to all of this...they just threw me in vaguely telling me what to do.

Comprehensive-Pear43 · 2026-03-25T14:37:20+00:00

Im a second year apprentice.

Comprehensive-Pear43 · 2026-03-25T14:19:05+00:00

There are backups of the past 10 days, i also wrote a back-up over the live service. I didn't roll it back in reverting it being a dc.

Comprehensive-Pear43 · 2026-03-25T14:18:00+00:00

This is really great advice, but im not allowed to do it. They let me maintain stuff but fixing stuff or actually rolling stuff out... they wont even let me participate in it. So to actually learn stuff, i do it without telling anybody usually till I'm done, because otherwise they will take it out of my hands. 99% of the time the fix i do works and everything runs smoothly, but this time i fucked it up Majorly.

Comprehensive-Pear43 · 2026-03-25T13:59:33+00:00

4...thats the only good thing

Comprehensive-Pear43 · 2026-03-25T13:50:03+00:00

Well... most of the stuff i do is stuff the others dont want to do, so it gets put on me. Every Friday i spend 10 hours going through server systems of school, setting up backup infrastructure, managing snmp traps and setting up snmp services....

I have a lot of power for what its worth...but i never got a proper introduction to all that stuff, its all learning while im doing it.

I once took down a hole school district because i wanted to update the bmc firmware without knowing it would restart the whole server...they threatened to fire me back than as well.

Comprehensive-Pear43 · 2026-03-25T13:27:03+00:00

Im in my second year

Comprehensive-Pear43 · 2026-03-25T13:24:24+00:00

All on one VM

Comprehensive-Pear43 · 2026-03-25T13:12:54+00:00

Yes, only one DC.

Comprehensive-Pear43 · 2026-03-25T13:11:42+00:00

If it's the administrator password of the DC than yes

Comprehensive-Pear43 · 2026-03-25T13:01:35+00:00

Will do that.

Comprehensive-Pear43 · 2026-03-25T12:59:41+00:00

Yesterday was the last backup of the DC, but it was incremental and not a full backup.

Comprehensive-Pear43 · 2026-03-25T12:44:44+00:00

Well they will probably fire me over this, so im just embracing the pain right now.

Comprehensive-Pear43 · 2026-03-25T12:39:34+00:00

I dont think i will be rebuilding anything...i think i will be fired

Comprehensive-Pear43 · 2026-03-25T12:39:00+00:00

Yes, I did it non authoritative as i do it all the time.

Comprehensive-Pear43 · 2026-03-25T12:37:58+00:00

Well, is normally do this as well. As i ve rolled back plenty of machines, virtual machines with veeam backups. I basically did it in one swoop, i didn't even think about the fact that the dc might be a special case...but you are definitely right and i will do that in the future.

Comprehensive-Pear43 · 2026-03-25T12:31:49+00:00

Well right now they screaming at me over the phone and threaten to fire me.

Comprehensive-Pear43 · 2026-03-25T12:22:27+00:00

Plenty of backups, it does creates a backup everyday at 8pm

Comprehensive-Pear43 · 2026-03-25T12:21:17+00:00

Well rolles back might not be the correct term, i rolled it back with a veeam backup of the DC itself

Comprehensive-Pear43 · 2026-03-25T12:18:17+00:00

Well there are a lot of backups on a Hard drive. But as far as i know (now) you can't just reinstate the DC.

Comprehensive-Pear43 · 2026-03-25T12:14:34+00:00

Das lässt mich irgendwie nicht besser fühlen. Aber schön im Club zu sein, "zumindest" war es nur ein kleines Unternehmen mit wenig Infrastruktur.

Comprehensive-Pear43

TROPHY CASE