When to cut your losses and reinstall 2000 server?

Here's the scoop - I'm the IT manager for a small mfg co.  Until 4 years ago, our IT was focused mainly on IBM midrange environment - System 36, AS/400's.  As more people needed to share pc resources (printers, files, internet connections, etc.) we decided to install a windows 2000 server (dell with intel hubs).  My stepson installed it, and he did a good job - at least it worked well.  At some point after the installation, the logs started showing 3 errors being thrown every 5 minutes.  I'm at home now, but I believe the errors are the userenv and scecli (there are two occurences of one of them.)  Additionally, I'm occasionally and sporadically losing connections to the AS/400 when using a telnet 5250 client or IBM Client Access.  My environment is: Pulling fractional T (4 channels) through the channel bank/router to Intel hubs (2 daisy chained together, each w/24 ports) to Windows 2000 Server (or advanced server - can't remember).  Clients include Windows 95, 98, XP, 2000, an AS/400 and a Linux box.

We are in the process of adding office space and users, and therefore wanted to get some of these issues cleaned up, and set myself up properly to move forward.........So, I decided I needed some outside expert help (seems logical !).  In the last 3 months, I have had 9 people with 4 different companies (windows 2000 experts) come in to take a look.  The first company came in, poked around, said they'd get back to me on the error messages - never did.  The second company came in, poked around some more, didn't have a clue.  I asked when it made sense to reload. They said they'd call the next day, never did.  The 3rd company came in, we talked about the network structure, he heard we had a AS/400 attached and thought the network problems were AS/400 related - see ya, have a nice day.  The 4th company was just in.  They seemed the most knowledgeable. and were able to resolve the errors that I mentioned above.

HOWEVER..... When the 1st company was in, they updated the server to SP3.  After they left, I started having problems with DNS -  server and clients could not resolve names to internet addresses, but could access via their ip address - no errors logged though.  I called them, and they walked me through checking services - found that Stopping and Starting DNS server service got things going again - for a while.   I could actually make it fail, it I went out to a bunch of sites that I have never been to before, but still not error thrown.  They said they'd get back to me - never did - I think they were waiting for me to sign a service contract - why would I do that if they didn't fix anything, and in fact introduced another problem.  ANYWAY..........As mentioned, the 4th (last) company seemed to be more knowledgable, and were able to eradicate the scecli and userenv messages.  The night before they were in, I was poking around the internet and found reference to DNS failing with no error, and it referenced a known bad DNS.EXE version - the one I had.  They upgraded to SP4, and it got the new DNS.EXE.  SO......They were able to fix several things, I couldn't force a DNS failure - things looked good.  THEN.......soon after they left, clients computers would load IE and just appear to freeze when trying to go out to the internet.  Stopping and Starting DNS resolved the issue, and I have even done a reboot, but as of Friday PM it still failed.

THIS SUCKS!!!!!!!!!!

When do you finally said the hell with it and do a fresh install of Windows 2000 Server?  I'm even willing to buy a new server - I need more capacity anyway, and need to buy more hubs/switches.  Doesn't it seem odd to keep throwing man hours after it?  What is the likelyhood of these issues going away with a clean install?  Does anyone else wish Windows 2000 environments ran as reliably as AS/400 envireonments?

Any help would be greatly appreciated.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Not to be a smartass or anything, but welcome to a Windows world(tm) :-)
I agree with you, if Windows could run as well as AS/400's and Unix, things would be different (unemployment would be much higher?!?)?

Have you tried running Ad-aware on the client computers?
Do you have Automatically detect settings for your LAN connection on Windows clients?
Running a proxy?

My advise is, stick with the 4th firm, atleast they know what they're doing and they're not getting scared away to fast.

And if I may ask where are you located? States I suppose? If in Europe, I know some companies which would love to help you solve your problem.

raprealmAuthor Commented:
in reverse -
yes, states
no proxy
automatic, yes
Ad-Aware?  Why?  Is there documentation that would suggest Adware on Client messes with the server?  The clients are running NAV and are up to date.
Freezing IE, could be a result of spyware & other junk which claps itself to IE. Cleaning that, might solve the problem.

Automatic - yes - disable.

Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

A proper set up and maintained W2k domain will run stable. Most problems arise from installations and configurations by unexperienced people. Let someone unexperienced install a Unix server, and it will produce results similar to those attributed to Windows.
Anyway, to the problem at hand.
It looks like a DNS configuration issue; check out your DNS settings.
The most important stuff in short (check the FAQ for a verbose version): On your DC, the DNS entry should point *only* to itself. On your clients, the DNS entry should point *only* to your DC. This makes sure your internal name resoultion works properly. For external resolution to function, delete the "." forward lookup zone if present (and configure forwarders).
You'll find more information at the end; some of the links refer to stuff that's already been done, but for troubleshooting, it might prove useful anyway.
In addition, for your Win9x network clients to work properly, install a WINS server on your DC (unless it has more than one NIC enabled), and let your clients point to it; make sure NetBIOS over TCP/IP is enabled on your server (and preferrably on your W2k/XP machines as well). Disable the computer browser service on any machine that has more than one NIC enabled.
For starters on your dropped AS/400 connections, make sure the name is registered on your DNS server, and create a static entry in WINS as well. In general, create those records for any non-Win-Client (your Linux box, for example).
Kick any "Windows 2000 Experts" who aren't even capable of querying the MS knowledge base. A quick search for SceCli and UserEnv in Windows 2000 yields 43 results (which could probably have been narrowed down further with the Event IDs). My guess is that your problem was among them.
I'd say there's no need for a reinstallation yet. For the future, you might want to look into a backup DC anyway.

And now I wish you Happy Reading:

Search the Knowledge Base

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS

Windows 2000 DNS and Active Directory Information and Technical Resources

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000

HOW TO: Configure DNS for Internet Access in Windows 2000

Setting Up the Domain Name System for Active Directory

Troubleshooting Common Active Directory Setup Issues in Windows 2000

How to Verify the Creation of SRV Records for a Domain Controller

HOW TO: Install Network Services Such as WINS and DNS in Windows 2000

HOW TO: Install WINS in Windows 2000 Server or Windows 2000 Advanced Server

raprealmAuthor Commented:
First off - Thanks for the comments and links - excellent comments and suggestons.

Secondlly - This is my first post.  I know that questions should be specific to have a higher likelyhood of an answer, so I appologize for the vagueness of the question I posted.  

What I'm not sure of, is :  when is it  appropriate to "accept", does the "accept" close the question, and if multiple people respond, how to issue the points.   There seems to be a TREMENDOUS amount of knowledge on this site.  If you folks are doing this "gratis", or just for the points accumulation, you all are saints!

Thirdly - with regard to
"For starters on your dropped AS/400 connections, make sure the name is registered on your DNS server, and create a static entry in WINS as well. In general, create those records for any non-Win-Client (your Linux box, for example)."
The server is running DHCP and AD.  I have the IP of the AS/400 reserved (or excluded from the address pool is a more appropriate statement I guess) in DHCP so that the IP doesn't get leased to another machine.  Is this not sufficient?

You'll find on information on how to close/accept a question and how, if necessary, to split points here: http://oldlook.experts-exchange.com/help/ (or http://www.experts-exchange.com/help/ of course, but my eyes prefer oldlook ...) The "accept" will close the question and award the points, so it's probably most appropriate (especially for you) to accept an answer once your problem is (at least partially) solved. And, yes, I'm doing this "gratis", but I wouldn't consider myself a saint; my motive is that I'm gaining knowledge myself this way ...
Well, your question wasn't that vague; I've seen worse. It doesn't seem like your event log is all red (or you'd have reported it), and your server doesn't seem to be rebooting by its own, so in general, it seems to be running OK.
As for the naming: Your setup seems OK, as long as you just refer to the AS/400's IP address. But why not draw advantages out of your DNS? And instead of excluding your servers' IP addresses in DHCP, I'd recommend (if possible) to reduce the address pool instead so that you have a free pool for your server addresses.
Are your AS/400 connections dropped on all clients, or just on Win9x, or just on W2k/XP?

While I'm at it: Another useful command when trying to troubleshoot DNS issues is "ipconfig /flushdns" (on your W2k/XP machines), which flushes the DNS client's resolver cache.
And don't forget the Support Tools (in your case especially netdiag.exe), if they aren't installed yet. They came with the CD (\Support\Tools), but do NOT install them from the CD. Some of the tools get updated by Service Packs as well; download the current version here:
Windows 2000 SP4 Support Tools

HOW TO: Use the Network Diagnostics Tool (Netdiag.exe) in Windows 2000

For the future, you might want to have a look at the Resource Kit which offers a wide variety of useful tools:
Windows 2000 Server Resource Kit Tools

I guess that should keep you busy for a while ;)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
raprealmAuthor Commented:
Thanks for your help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.