Link to home
Start Free TrialLog in
Avatar of broozm
broozm

asked on

Nod32 causes SBS 2003 to drop users off after half an hour or so - what to use instead?

Been tearing my hair out here folks! (But I suppose I was asking for it with my first Vista:SBS domain! )

It is a new single SBS Dell server. Stock standard - so should be no issues. But...
All four users have started dropping off the network for local resources, yet they still have internet access (which goes through the server - as it has two nic setup)

It has been working fine till recently.
As far as I can see it either something to do with applying policies, or, the ldap protocol is being blocked somehow. Logging on and off can be very slow at times on some of the workstations, but not others...  

Previously I had Nod ESS Smartsuite installed on the server - until I found out that only the antivirus component of this is suitable for server environments. In desparation, I have now uninstalled this as well, and the connections have stayed up for several hours - which is encouraging.

So I think I solved it!?

But my question is: what version of Eset NOD32 antivirus is stable on SBS2003?
Or what other AV is suitalbe on SBS2003?

Prior to this I had set the two nics to 100Full manual.
I had upgraded the driver for the AMD Semperon processor - as I read somewhere this could cause issues.

Here is the info you'll be asking me for

Windows IP Configuration
   Host Name . . . . . . . . . . . . : myserver
   Primary Dns Suffix  . . . . . . . : RDDD.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : RDDD.local

Ethernet adapter Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-1D-09-18-B8-32
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 10.1.1.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.1.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   Primary WINS Server . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Server Local Area Connection:
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #2
   Physical Address. . . . . . . . . : 00-10-18-2F-CE-53
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   Primary WINS Server . . . . . . . : 192.168.1.1


Command Line: "dcdiag.exe /V /C /D /E /s:rdcl"

Domain Controller Diagnosis
Performing initial setup:
   * Connecting to directory service on server rddd.
   [rddd] LDAP search failed with error 58,
   The specified server cannot perform the requested operation..
   The host rddd could not be resolved to an
   IP address.  Check the DNS server, DHCP, server name, etc
   DcDiag: a dcdiag exception raised, handling error 8444


Domain Controller Diagnosis
Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\MYSERVER
      Starting test: Connectivity
         ......................... MYSERVER passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\MYSERVER
      Starting test: Replications
         ......................... MYSERVER passed test Replications
      Starting test: NCSecDesc
         ......................... MYSERVER passed test NCSecDesc
      Starting test: NetLogons
         ......................... MYSERVER passed test NetLogons
      Starting test: Advertising
         ......................... MYSERVER passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... MYSERVER passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... MYSERVER passed test RidManager
      Starting test: MachineAccount
         ......................... MYSERVER passed test MachineAccount
      Starting test: Services
            IsmServ Service is stopped on [MYSERVER]
         ......................... MYSERVER failed test Services
      Starting test: ObjectsReplicated
         ......................... MYSERVER passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... MYSERVER passed test frssysvol
      Starting test: frsevent
         ......................... MYSERVER passed test frsevent
      Starting test: kccevent
         ......................... MYSERVER passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x80001778
            Time Generated: 05/20/2008   13:35:59
            Event String: The previous system shutdown at 1:30:48 PM on

         An Error Event occured.  EventID: 0xC0001B68
            Time Generated: 05/20/2008   13:37:03
            (Event String could not be retrieved)
         ......................... MYSERVER failed test systemlog
      Starting test: VerifyReferences
         ......................... MYSERVER passed test VerifyReferences
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : RDDD
      Starting test: CrossRefValidation
         ......................... RDDD passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... RDDD passed test CheckSDRefDom
   
   Running enterprise tests on : RDDD.local
      Starting test: Intersite
         ......................... RDDD.local passed test Intersite
      Starting test: FsmoCheck
         ......................... RDDD.local passed test FsmoCheck
Avatar of broozm
broozm

ASKER

Just found many similar reportings over at WilderSecurity along the same lines with the only solution to resort to v2.7
eg
http://www.wilderssecurity.com/showthread.php?t=196980
ASKER CERTIFIED SOLUTION
Avatar of CarlWarner
CarlWarner
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of broozm
broozm

ASKER

Solved it by installing v 2.7  :)
which can still be found here:
http://download.eset.com/download/win/v2ad/ndntenad.exe
Avatar of broozm
broozm

ASKER

Thanks for your comment - It gave me enough courage to install v2.7 - and it's good now :)