Solved

Server 2003 Needs to be rebooted every 3 to 4 days - result is that it cannot see resources

Posted on 2006-11-14
Last Modified: 2010-05-18
Environment:   Server 2003 Active Directory
            Connection is WAN
            Not experiencing any network problems

We currently have a Server 2003 Box at one of our clinics that needs to be re-booted every 3 to 4 days.  End result after 3 to 4 days is that the server can no longer see any of our other servers besides the workstations on its local LAN. Users can no longer print, cannot attach to resources. We believe that the problem has to do with RPC/NetBios.

After a reboot it works fine for another 3 to 4 days

The following outputs are from DCDiag and NetDiag

Before the reboot:

DCDiag:
Domain Controller Diagnosis

Performing initial setup:
   [XXX-SPEECHSRV] LDAP search failed with error 58,
   The specified server cannot perform the requested operation..
   ***Error: The machine, XXX-SPEECHSRV could not be contacted, because of a
   bad net  response.  Check to make sure that this machine is a Domain
   Controller.

NetDiag:
.......................................

    Computer Name: XXX-SPEECHSRV
    DNS Host Name: XXX-SPEECHSRV.NEMHC.ON.CA
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : x86 Family 6 Model 11 Stepping 1, GenuineIntel
    List of installed hotfixes :
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Skipped
            [WARNING] No gateways defined for this adapter.

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Passed

    Adapter : Internet

        Netcard queries test . . . : Passed
        NetBIOS over Tcpip . . . . : Disabled
        Dns Servers. . . . . . . . :

        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Skipped
            NetBT is disabled on this interface. [Test skipped]

        WINS service test. . . . . : Skipped
            NetBT is disable on this interface. [Test skipped].


Global results:

Domain membership test . . . . . . : Passed

NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{D07B9D24-3722-4A44-B511-38475284818F}
    1 NetBt transport currently configured.

Autonet address test . . . . . . . : Passed

IP loopback ping test. . . . . . . : Passed

Default gateway test . . . . . . . : Passed

NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.

Winsock test . . . . . . . . . . . : Passed

DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server 'X.X.X.X' and other DCs also have some of the names registered.
    PASS - All the DNS entries for DC are registered on DNS server 'X.X.X.X' and other DCs also have some of the names registered.

Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{D07B9D24-3722-4A44-B511-38475284818F}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{D07B9D24-3722-4A44-B511-38475284818F}
    The browser is bound to 1 NetBt transport.

DC discovery test. . . . . . . . . : Passed

DC list test . . . . . . . . . . . : Failed
    [WARNING] Cannot call DsBind to XXX-SPEECHSRV (X.X.X.X). [ERROR_OUTOFMEMORY]

Trust relationship test. . . . . . : Failed
    [FATAL] Secure channel to domain 'Domain' is broken. [ERROR_NO_LOGON_SERVERS]

Kerberos test. . . . . . . . . . . : Passed

LDAP test. . . . . . . . . . . . . : Passed
    [FATAL] Cannot open an LDAP session to 'XXX-SPEECHSRV. at 'X.X.X.X'.
    [WARNING] Failed to query SPN registration on DC 'XXX-SPEECHSRV..
    [WARNING] Failed to query SPN registration on DC 'DC-NT2

Bindings test. . . . . . . . . . . : Passed

WAN configuration test . . . . . . : Skipped
    No active remote access connections.

Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information

The command completed successfully

Thanks,
Tammy
0
Question by:NEMHCIS
11 Comments
 
LVL 9

Expert Comment

by:trenes
ID: 17940972
Hi NEMHCIS,

Seems you have a winsock corruption on your machine.
Check this article from MS.
http://support.microsoft.com/kb/811259

Cheers!
regards,

Trenes
0
 
LVL 6

Expert Comment

by:camacho_marco
ID: 17941171
Do you have a DNS server on both sides????
0
 

Author Comment

by:NEMHCIS
ID: 17941320
Yes, we have a DNS server at both locations.  The server with the problem is a DNS server, a catalog server and a DHCP server.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 17942083
Your trust has failed between the DC. I would use netdom to reset it.
0
 
LVL 6

Expert Comment

by:camacho_marco
ID: 17942727
0

 

Author Comment

by:NEMHCIS
ID: 17947520
We have reset the Winsock (netsh winsock reset) and the IP stack (netsh int ip reset c:\resetlog.txt).
We had to reboot the server, so unfortunately we won't know if the problem is resolved for a couple of days.

Thanks to everyone for the suggestions, I will keep you updated in a few days on the status of the problem.
Tammy

0
 

Expert Comment

by:BygRob
ID: 17962962
This could be your problem...  On your network card disable TCP Offload and see what happens.

Failover process does not occur when you use TCP Offload-enabled network adapters to create a team capable of TCP Offloading on a Windows Server 2003-based computer
Article ID : 921136
Last Review : June 30, 2006
Revision : 2.0
SYMPTOMS
When you use TCP Offload-enabled network adapters to create a team capable of TCP Offloading on a Microsoft Windows Server 2003-based computer, the failover process does not occur. The computer may stop responding.

RESOLUTION
To resolve this problem, install the hotfix that is described in the following article.
919948 (http://www.kbAlertz.com/Feedback.aspx?kbNumber=919948/) Error message after you install the Windows Server 2003 Scalable Networking Pack and then change the network settings on a Windows Server 2003-based computer: "STOP 0x000000D1"

STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

0
 

Author Comment

by:NEMHCIS
ID: 18238110
Sorry for the delayed response, but the problem ended up being the token size.  We increased the size of the Kerberos version 5 protocol token and it’s been over a month since it’s required a reboot.


1. Click Start, click Run, type regedit, and then click OK.
2. Locate and then click the following subkey:
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos

   Note: If the Parameters subkey is not listed under the Kerberos subkey, follow these steps:
   a. Right-click Kerberos, point to New, and then click Key.
   b. Type Parameters, and then press ENTER.
3. Right-click the Parameters subkey, point to New, click DWORD Value, and then type MaxTokenSize.
4. Double-click MaxTokenSize, set the decimal value to 100000, and then click OK.

   Note: The default decimal value for the MaxTokenSize registry value is 12000. Microsoft recommends that you set this decimal value to 100000 or that you set the hexadecimal value to 186a0. If you incorrectly set this value to 100000 hexadecimal, Kerberos authentication operations may fail, and programs may return errors. The 100000 hexadecimal value is an extremely large value.
5. Quit Registry Editor.
6. After you set the MaxTokenSize registry value, and after the computer is updated, restart the computer.
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 19468801
PAQed with points refunded (500)

Computer101
EE Admin
0
 

Expert Comment

by:jaesoul
ID: 23350550
How can you check what your current token size is? I know there is a default, but what command would you use to find out?
0
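
An added example (not part of any post in this thread, and not Microsoft's code): a PowerShell check that reads the MaxTokenSize value from the Parameters subkey named in the steps earlier in the thread and compares it with the figures quoted there, including the hexadecimal entry mistake the note warns about. The function name Get-MaxTokenSizeReport is hypothetical, and PowerShell 3.0 or later is assumed.

```powershell
# Added example: report the Kerberos MaxTokenSize configured in the registry.
# The key path, value name, 12000 default and 100000 recommendation are the
# ones quoted in this thread; Get-MaxTokenSizeReport is a hypothetical name.
$KerberosKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters'
$DefaultSize = 12000      # default quoted in the thread
$Recommended = 100000     # decimal value quoted in the thread (hex 186a0)
$HexMistake  = 0x100000   # "100000" entered as hexadecimal = 1048576 decimal

function Get-MaxTokenSizeReport {
    param([string]$Path = $KerberosKey)

    # The Parameters subkey or the value itself may be absent.
    $configured = $null
    if (Test-Path -Path $Path) {
        $item = Get-ItemProperty -Path $Path -Name 'MaxTokenSize' -ErrorAction SilentlyContinue
        if ($null -ne $item) { $configured = [int64]$item.MaxTokenSize }
    }

    if ($null -eq $configured) {
        $effective  = $DefaultSize
        $assessment = 'MaxTokenSize is not set; the default applies.'
    } elseif ($configured -eq $Recommended) {
        $effective  = $configured
        $assessment = 'Matches the recommended decimal value.'
    } elseif ($configured -eq $HexMistake) {
        $effective  = $configured
        $assessment = 'Looks like 100000 was entered as hexadecimal; re-enter it as decimal.'
    } else {
        $effective  = $configured
        $assessment = 'Custom value; compare it with the default and the recommendation.'
    }

    [pscustomobject]@{
        RegistryPath = $Path
        Configured   = $configured
        Effective    = $effective
        Hex          = '0x{0:x}' -f $effective
        Assessment   = $assessment
    }
}

# The registry holds the configured value; per step 6 it applies after a restart.
Get-MaxTokenSizeReport | Format-List
```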


Question has a verified solution.
