bmccleary
asked on
Determining why Windows Server restarts
I have a web server that has run great for over two years. It is a dual Pentium 1.0 Ghz, 2 GB of RAM, RAID 5 SCSI hard disks. It is running Windows 2000 Advanced Server SP3. I have always made sure to keep up on all the latest security patchs and upgrades. I have URLScan installed, run the IIS lock-down tool, followed the MS Baseline Security Analyzer, run through all the security policies and keep up with MS TechNet site. I have numerous auditing procedures in place to track logins, failures, problems, etc. Until recently, the server would work great. Staying up for over a month, until I had to restart to apply patches or something else. It would crash occasionally, but very rarely. For the past 2 weeks though, it has been crashing almost daily. After a crash, it reboots immediatly and is only down for about 3-4 minutes, but it is getting very irritating and I am very worried that it might get worse. After rebooting, the System Event log has an entry stating "The previous sustem shutdown at <time> on <date> was unexpected." What I want to know is how I can find out what caused the crash (I am assuming "blue screen"). Are there any programs available to tell you this or to read the "memory.dmp" file created when the crash occurs? Is there a setting in Windows that will help me track this down? I am assuming that it is a hardware or perhaps a COM object that is causing some sort of overrun, but I have no way of troubleshooting to track down the culprit. Any advice is appreciated.
ASKER
Thanks Bartender, but there is one problem with that... this server is located at our co-location facility. I only access it via Terminal Services or when required, PCAnywhere. I do have physical access to the server, but I can not just sit up there all day watching the screen and waiting for the system to crash. I bet if I did that, Murphy's law would take over and it wouldn't crash for over a week ; )
Any other methods?
Any other methods?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Also, please make sure that the swap file is created on C:.
Otherwise, no dump file will be generated.
Otherwise, no dump file will be generated.
ASKER
Bartender,
Sorry for the delay. I didn't want to answer the question until I found out more information about the problem. Your resources were great, but I found out that the problem was due to a flakey power supply. I appreciate your efforts!
Sorry for the delay. I didn't want to answer the question until I found out more information about the problem. Your resources were great, but I found out that the problem was due to a flakey power supply. I appreciate your efforts!
Glad I could be of assistance.
:o)
Cheers!
Bartender_1
:o)
Cheers!
Bartender_1
bmccleary,
Would you take me some more about the flakey power supply? I have a similar restart problem to you.
Would you take me some more about the flakey power supply? I have a similar restart problem to you.
Right click on "My computer"
Choose properties
Select the advanced tab,
Click on the "startup and Recovery" button,
Uncheck the "automatically reboot" check box.
Click ok,
click ok,
The next time the server goes down, it will stop at the blue screen of death and display the error message.
Post the error message here and the experts will be able to assist in troubleshooting it for you.
Hope this helps!
:o)
Bartender_1