Shulou(Shulou.com)06/03 Report--

Context: I am building a Citrix desktop cloud environment, and after installing the PVS components, I accidentally deleted the environment's management account ctxadmin (fortunately, the experimental environment).

I tried to restore the deleted account in the domain server, but found that it could not be recovered because the recovery of the domain account required to open a recycle bin function similar to the domain account. This function is not enabled by default, and even if you open the Recycle Bin afterwards, the previous account records will be emptied. All in all, this account can no longer be restored. This is embarrassing because all my Citrix services are established by this account.

First of all, I created a new account with the same name in the domain account. The OU, permissions and password are all the same as the original account, but after logging in to other servers, I found that the content of the previous account cannot be restored, and the SID of the account is different.

My DDC and PVS servers can not log in, first of all, the SQL database, I can not enter, fortunately, I was able to access through the sa account, and then deleted the original ctxadmin account, re-added a new ctxadmin account.

Then after entering the PVS server, you still can't connect to the farm because of a database connection error. This solution is relatively simple, as long as you run the PVS service wizard again.

The DDC server is a bit miserable. After opening studio, I found that I couldn't connect, and I couldn't use the powershell script on the Internet to clear the database content, because this kind of script also needed the permissions of the previous service account. In this case, you need to go to the database to modify a content. First, when DDC is created, there will be three databases, one of which is the site database with a custom name, and there is a table in this library called DAS.administrator

If you look at the contents of the table, you can see that there is a relationship between ID and SID. This SID is the SID of the previous account and needs to be modified to the SID of the new account.

The SID of the new account can be viewed by typing whoami / user in cmd.

The statement to modify the database is

UPDATE DAS.Administrator SET SID= WHERE ID=

After the modification is completed, the administrator of the service becomes the new ctxadmin account. However, after re-entering the DDC server, it is still the same. The reason is that there is the configuration information of the old account on the server, enter the "system" (2016 system is right-click the start menu to pop up) and select "change Settings".

In the new pop-up window "system Properties", select "Advanced"-"user profile", and click the button "Settings".

Here you will see that there is an "unknown account". This is the configuration of the previous account, delete it, and then delete the configuration of the current user and log out of the account. After logging in again, DDC will return to normal.

There are no problems encountered in the follow-up operation. If you do delete the service account by mistake, you can use this method to solve it.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.