Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

What is wrong with the distributed file service?

Posted on 2009-04-14
6
Medium Priority
?
683 Views
Last Modified: 2012-05-06
I have a 2003 SP2 DC that has high processor (13-30%) usage by dfssvc.exe.  When I stop the dfs service processor usage drops to 0-1%.  At the same time, in the security log the server is logging hundreds of successful logon/logoff/special privileges assigned every Second!  But at stopping the dfs service those also stop.  This continues all day and night.  I am not using dfs and am thinking of leaving it set at manual startup.

Also disabled Symantec Endpoint Protection and this did nothing.  This is a DC, DNS, DHCP, print and file server.  Only other software running is Doubletake latest version.l

Any ideas as to what has happened?
0
Comment
Question by:Bootmaster
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
6 Comments
 

Author Comment

by:Bootmaster
ID: 24149491
OK, more info.  I have found from monitoring the security event log and the application log the the high processor usage on the server by lsass and dfs starts when people come into the office in the morning and ends when people leave.  I thought it went all night but it does not.

Also throughout the day these two errors occur in the server Application log:

Windows cannot perform filter check for Group Policy object CN={99BCF64E-D350-401E-9FBF-24AEB17CE9FC},CN=Policies,CN=System,DC=CrownWestRealty,DC=local. The associated filter cannot be found. This Group Policy Object will be skipped.

Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.

I have checked gpresult and dcdiag and everything seems fine.  I have 4 2003 dc and this is only occuring on one.
0
 

Author Comment

by:Bootmaster
ID: 24149567
I am also receiving this error in the app log:

Windows cannot bind to Crown.local domain. (Local Error). Group Policy processing aborted.

This also only occurs during the day.
0
 

Author Comment

by:Bootmaster
ID: 24153157
As a followup.  Don't know if the high processor activity for lsass and dfssrv is even related to the Application log errors of 1030,1006,1104.  Those errors have ceased this afternoon about 2pm.  The high processor levels of lsass and dfssrv are still running and generating the security log events of 538, 540, and 576.  Hundreds per second which is in keeping with the high processor activity of lsass and dfssrv.

The security logs are all the same of the local dc logging on, getting special permissions, and logging off.
Remember, if I disable dfs then the security logs back off to normal and processor use drops totally off.
0
 

Accepted Solution

by:
Bootmaster earned 0 total points
ID: 24161296
Figured it out!!  What was causing the issue was an orphaned archive folder showing in a users' Outlook file tree.  You could not delete the folder, Outlook would not let you, but it could not find the actual archive file which had been moved from the server to the user workstation..  Deleted the user mail profile and recreated it and all is well.  Amazing the effect on the server by this.  
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question