Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 254
  • Last Modified:

Active Directory on Windows 2003 becomes non-responsive

A friend of mine has set up Active Directory on a local school's server, which is running Windows Server 2003. The primary purpose of this is to allow a group policy to be applied to the laptops. He may also be providing server-side storage for the accounts, but I'm not 100% sure if that is set up.
The server is connected to a network switch, which in turn is connected to a wireless access point. The server runs a proxy server which, when authenticated by Active Directory, is used by clients clients to access the internet. In their IT facilities there are 20 laptops which connect to the wireless access point, each of which is configured to access Active Directory on the server.

The problem is that when the laptops log into the server, it works for a short time then the laptops can no longer access Active Directory server. At first he thought the wireless AP was being overloaded, so he changed it but the problem remained. When this issue arises, the server machine freezes on "Loading your settings..." when you attempt to log in to the server physically. To regain control, the server must be hard rebooted (reset button on front of case).

The network connection itself seems fine as two network switches and two wireless APs have been used with no resolution to the problem. The event log shows nothing suspicious other than a few unusual network disconnections and automatic reconnects.

This is a reasonably urgent issue and a speedy response would be highly appreciated. Thank you in advance.
0
burningmace
Asked:
burningmace
  • 3
2 Solutions
 
ParanormasticCryptographic EngineerCommented:
1) Make sure the access points are on different channels.  Use only base channels of 1,6,11.  Channel 6 is a common default, so having one on channel 1 and the other on 11 is probably best.

2) Is there any difference between users closer to the access points vs. in the middle between them?  They may be skipping between them and not handling that properly.

3) Laptops and server OS are patched up to current including service packs, correct?

4) This is weird that the laptops authenticating causes the (radius?) server to hang.  Have you checked the server's event logs?

5) Try having only one laptop connect over wireless - maybe after hours or something if necessary.  Try a couple more individually in case one of them is causing the issue somehow.

6) Especially with this being a school, are the access points secured using WPA?  Is EAP-TLS being implemented?  If you are relying on WEP or wide open, expect that some of the students may be messing with your server...
0
 
Shabarinath RamadasanInfrastructure ArchitectCommented:
I would like to recommend few things to narrow down the issue.

1) At the time of the issue, check if DC is able to process LDAP queries.
You an try running a simple dsquery command pointing to the server and see the response.

2) Telnet to the LDAP port and see if its responsive
OR Use portqry to see if port 389/3268 is listening.

3) Check if the SYSVOL share is accessible through UNC
ie \\dcname\sysvol should open up from any client at any time.

4) If any of these steps fails, check if the server is over loaded or any process is hung.
Also, disable any Antivirus on the DC, just to ensure that AV is not filtering any requests.

5) Run perfmon from another server and connect to the DC - Just to have a look on the memory / processor Utilization as well as the AD related threads.

IF  YOU ARE NOT ABLE TO LOGIN TO THE SERVER AT THE TIME OF THIS ISSUE - CONCENTRATE ON THE SERVER PERFOMANCE COUNTERS. NO POINT IN CHECKING THE NETWORK AT THIS TIME.

Hope this helps.

Cheerio
Shaba
0
 
burningmaceAuthor Commented:
I've forwarded the comments you've posted to the guy, should get a response soon.
0
 
burningmaceAuthor Commented:
No response from him in a while, I'll assume he fixed the issue. I'll split points accordingly.
0
 
burningmaceAuthor Commented:
Thanks guys.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now