Solved

[Critical] LDAP bind was unsuccessful on directory <servername> Directory returned error:[0x51] Server Down.

Posted on 2007-03-31
6
3,024 Views
Last Modified: 2012-05-05
We have a server 2003/2000 environment with about 60-70 users. We are running one Exchange 2003 server.
This server also works as the DHCP server. We have 2 Domain controllers. Server A and Server B.

Lately I have been noticing errors on the mail server from time to time. The error is as follows

LDAP Bind was unsuccessful on directory ServerA@domain.local for distinguished name ''. Directory returned error:[0x51] Server Down.    

I get the same error message in reference that Server B is down as well.
This error will show up a lot during times but eventually will work itself out. If I leave it how it is it will fix itself. However it will come back after so long.

While this error is occurring I am not able to open AD Users and computers and I am not able to open the Exchange system manager.

I have verified that I can establish connection between both Domain Controllers while this is going on. I have also checked DNS to make sure it is pointing in the right direction. I have searched online with little luck.

There is a twist to this problem as well.
On the GC Server, AKA Server A I receive errors in the security log from my exchange server.
Here is one of the errors

Object Operation:
       Object Server:      DS
       Operation Type:      Object Access
       Object Type:      dnsNode
       Object Name:      DC=151,DC=1.168.192.in-addr.arpa,CN=MicrosoftDNS,CN=System,DC=<domain>,DC=local
       Handle ID:      -
       Primary User Name:      SERVERA$
       Primary Domain:      <DOMAIN>
       Primary Logon ID:      (0x0,0x3E7)
       Client User Name:      ExchangeServer$
       Client Domain:      <Domain>
       Client Logon ID:      (0x0,0xDCD57A)
       Accesses:      Write Property
                 
       Properties:
      ---
            Default property set
                  dnsRecord
                  dNSTombstoned
      dnsNode

       Additional Info:      
       Additional Info2:      
       Access Mask:      0x20
------------------------------

The event ID is 566.

I am not sure why I am receiving these errors.

Just as a couple of notes. I have seen these questions asked and I want to cover these now.

IPCONFIG on the Exchange server shows
Primary DNS as 192.168.1.50 (GC Server)
Secondary DNS 192.168.1.6 (This server was brought offline as we needed to decomission it. It has however been brought back up for other reasons)

Also while the error is occurring I am able to ping Both Domain controllers by server name and by IP address. They also resolve the correct server name while pinging by IP. Also these domain controllers are able to the Exchange server.

Now as I am writing this I did have a thought. Let me give a little more background information on the secondary DNS Server as well as the second Domain Controller.

The secondary DNS server was brought offline using DCPROMO. This is no longer a domain controller however I ((Think)) DNS is still enabled on it. I can confirm this at a later time once I can connect to my network. Cisco VPN doesn't work on Vista =P

We do however have a second domain controller but it is not setup for DNS just yet. The exchange server points to the Global Catalog server for it's primary DNS and points to the decommissioned domain controller for it's secondary DNS.

I would not think that this would cause a problem as the primary DNS is still working.

I hope this provides enough information to my problem.
0
Comment
Question by:Drakin030
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 26

Accepted Solution

by:
MidnightOne earned 500 total points
ID: 18829464
Configure the new DC for DNS, using active-directory integrated. Repoint all servers to use the new DC as a secondary.

See if this stops the errors.

MidnightOne
0
 

Author Comment

by:Drakin030
ID: 18836085
I changed the DNS to the second domain controller. I do have one question though.

The server that we took down had "Domain Controller" and "DNS Server" as it's server roles.

The second domain controller just has "Domain Controller" as it's server role. However DNS Server services are installed.

Do I need to add the DNS Server role or is it basically already there?
0
 

Author Comment

by:Drakin030
ID: 18843589
Day 2 and no problems so far. If this works throughout  the day I will consider this fixed.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:Drakin030
ID: 18850376
Day 3 no problems. I guess that fixed it.
0
 
LVL 5

Expert Comment

by:jhill777
ID: 18854048
I am getting this too immediately after a reboot and I need to start the Exchange Information Store and Symantec Mail Security services manually.  This is the only server in the office and don't have a secondary to just flip the switch to like this.  Is there anything else I can do?
0
 
LVL 26

Expert Comment

by:MidnightOne
ID: 18854545
jhill777:

Sadly, the original question and yours are unrelated. You'll have to open your own question.

MidnightOne
0

Featured Post

What Is Blockchain Technology?

Blockchain is a technology that underpins the success of Bitcoin and other digital currencies, but it has uses far beyond finance. Learn how blockchain works and why it is proving disruptive to other areas of IT.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question