Bootmaster
asked on
What is wrong with the distributed file service?
I have a 2003 SP2 DC that has high processor (13-30%) usage by dfssvc.exe. When I stop the dfs service processor usage drops to 0-1%. At the same time, in the security log the server is logging hundreds of successful logon/logoff/special privileges assigned every Second! But at stopping the dfs service those also stop. This continues all day and night. I am not using dfs and am thinking of leaving it set at manual startup.
Also disabled Symantec Endpoint Protection and this did nothing. This is a DC, DNS, DHCP, print and file server. Only other software running is Doubletake latest version.l
Any ideas as to what has happened?
Also disabled Symantec Endpoint Protection and this did nothing. This is a DC, DNS, DHCP, print and file server. Only other software running is Doubletake latest version.l
Any ideas as to what has happened?
ASKER
I am also receiving this error in the app log:
Windows cannot bind to Crown.local domain. (Local Error). Group Policy processing aborted.
This also only occurs during the day.
Windows cannot bind to Crown.local domain. (Local Error). Group Policy processing aborted.
This also only occurs during the day.
ASKER
As a followup. Don't know if the high processor activity for lsass and dfssrv is even related to the Application log errors of 1030,1006,1104. Those errors have ceased this afternoon about 2pm. The high processor levels of lsass and dfssrv are still running and generating the security log events of 538, 540, and 576. Hundreds per second which is in keeping with the high processor activity of lsass and dfssrv.
The security logs are all the same of the local dc logging on, getting special permissions, and logging off.
Remember, if I disable dfs then the security logs back off to normal and processor use drops totally off.
The security logs are all the same of the local dc logging on, getting special permissions, and logging off.
Remember, if I disable dfs then the security logs back off to normal and processor use drops totally off.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Also throughout the day these two errors occur in the server Application log:
Windows cannot perform filter check for Group Policy object CN={99BCF64E-D350-401E-9FB
Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.
I have checked gpresult and dcdiag and everything seems fine. I have 4 2003 dc and this is only occuring on one.