Maybe not
I don’t know if any of you had at any moment to go to Microsoft’s support page. I did, countless times. I would like to expose the case I’ve seen multiple times also, and that I’ve seen in the Microsoft Support Knowledge Base.
If we read carefully, we will find the inglorious “decline all responsibility”.
Microsoft’s HB has the article #258062. The article describes how to repair a Domain Controller when the server does not boot up. Error comes from lsass.exe and there’s no other way than to reboot the system in Domain Controller Recovery Mode, and then follow the steps they indicate.
You can start here if you wish.
One of the steps is to use NTDSUTIL and ESENTUTL to repair the corrupt Active Directory database.
Thing gets interesint when we move forward and find the following quote:
Note Microsoft does not support domain controllers after Ntdsutil or Esentutl is used to recover from Active Directory database corruption.
Now what? Let’s see, they give us support to fix our issue and at the same time they say that after following their procedure they will no longer provide support for the impacted Domain Controller? What the…!?!