Solved

[Critical] LDAP bind was unsuccessful on directory <servername> Directory returned error:[0x51] Server Down.

Posted on 2007-03-31
6
2,999 Views
Last Modified: 2012-05-05
We have a server 2003/2000 environment with about 60-70 users. We are running one Exchange 2003 server.
This server also works as the DHCP server. We have 2 Domain controllers. Server A and Server B.

Lately I have been noticing errors on the mail server from time to time. The error is as follows

LDAP Bind was unsuccessful on directory ServerA@domain.local for distinguished name ''. Directory returned error:[0x51] Server Down.    

I get the same error message in reference that Server B is down as well.
This error will show up a lot during times but eventually will work itself out. If I leave it how it is it will fix itself. However it will come back after so long.

While this error is occurring I am not able to open AD Users and computers and I am not able to open the Exchange system manager.

I have verified that I can establish connection between both Domain Controllers while this is going on. I have also checked DNS to make sure it is pointing in the right direction. I have searched online with little luck.

There is a twist to this problem as well.
On the GC Server, AKA Server A I receive errors in the security log from my exchange server.
Here is one of the errors

Object Operation:
       Object Server:      DS
       Operation Type:      Object Access
       Object Type:      dnsNode
       Object Name:      DC=151,DC=1.168.192.in-addr.arpa,CN=MicrosoftDNS,CN=System,DC=<domain>,DC=local
       Handle ID:      -
       Primary User Name:      SERVERA$
       Primary Domain:      <DOMAIN>
       Primary Logon ID:      (0x0,0x3E7)
       Client User Name:      ExchangeServer$
       Client Domain:      <Domain>
       Client Logon ID:      (0x0,0xDCD57A)
       Accesses:      Write Property
                 
       Properties:
      ---
            Default property set
                  dnsRecord
                  dNSTombstoned
      dnsNode

       Additional Info:      
       Additional Info2:      
       Access Mask:      0x20
------------------------------

The event ID is 566.

I am not sure why I am receiving these errors.

Just as a couple of notes. I have seen these questions asked and I want to cover these now.

IPCONFIG on the Exchange server shows
Primary DNS as 192.168.1.50 (GC Server)
Secondary DNS 192.168.1.6 (This server was brought offline as we needed to decomission it. It has however been brought back up for other reasons)

Also while the error is occurring I am able to ping Both Domain controllers by server name and by IP address. They also resolve the correct server name while pinging by IP. Also these domain controllers are able to the Exchange server.

Now as I am writing this I did have a thought. Let me give a little more background information on the secondary DNS Server as well as the second Domain Controller.

The secondary DNS server was brought offline using DCPROMO. This is no longer a domain controller however I ((Think)) DNS is still enabled on it. I can confirm this at a later time once I can connect to my network. Cisco VPN doesn't work on Vista =P

We do however have a second domain controller but it is not setup for DNS just yet. The exchange server points to the Global Catalog server for it's primary DNS and points to the decommissioned domain controller for it's secondary DNS.

I would not think that this would cause a problem as the primary DNS is still working.

I hope this provides enough information to my problem.
0
Comment
Question by:Drakin030
  • 3
  • 2
6 Comments
 
LVL 26

Accepted Solution

by:
MidnightOne earned 500 total points
ID: 18829464
Configure the new DC for DNS, using active-directory integrated. Repoint all servers to use the new DC as a secondary.

See if this stops the errors.

MidnightOne
0
 

Author Comment

by:Drakin030
ID: 18836085
I changed the DNS to the second domain controller. I do have one question though.

The server that we took down had "Domain Controller" and "DNS Server" as it's server roles.

The second domain controller just has "Domain Controller" as it's server role. However DNS Server services are installed.

Do I need to add the DNS Server role or is it basically already there?
0
 

Author Comment

by:Drakin030
ID: 18843589
Day 2 and no problems so far. If this works throughout  the day I will consider this fixed.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 

Author Comment

by:Drakin030
ID: 18850376
Day 3 no problems. I guess that fixed it.
0
 
LVL 5

Expert Comment

by:jhill777
ID: 18854048
I am getting this too immediately after a reboot and I need to start the Exchange Information Store and Symantec Mail Security services manually.  This is the only server in the office and don't have a secondary to just flip the switch to like this.  Is there anything else I can do?
0
 
LVL 26

Expert Comment

by:MidnightOne
ID: 18854545
jhill777:

Sadly, the original question and yours are unrelated. You'll have to open your own question.

MidnightOne
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Join & Write a Comment

Easy CSR creation in Exchange 2007,2010 and 2013
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now