Solved

Active Directory on Windows 2003 becomes non-responsive

Posted on 2009-05-05
5
240 Views
Last Modified: 2012-05-06
A friend of mine has set up Active Directory on a local school's server, which is running Windows Server 2003. The primary purpose of this is to allow a group policy to be applied to the laptops. He may also be providing server-side storage for the accounts, but I'm not 100% sure if that is set up.
The server is connected to a network switch, which in turn is connected to a wireless access point. The server runs a proxy server which, when authenticated by Active Directory, is used by clients clients to access the internet. In their IT facilities there are 20 laptops which connect to the wireless access point, each of which is configured to access Active Directory on the server.

The problem is that when the laptops log into the server, it works for a short time then the laptops can no longer access Active Directory server. At first he thought the wireless AP was being overloaded, so he changed it but the problem remained. When this issue arises, the server machine freezes on "Loading your settings..." when you attempt to log in to the server physically. To regain control, the server must be hard rebooted (reset button on front of case).

The network connection itself seems fine as two network switches and two wireless APs have been used with no resolution to the problem. The event log shows nothing suspicious other than a few unusual network disconnections and automatic reconnects.

This is a reasonably urgent issue and a speedy response would be highly appreciated. Thank you in advance.
0
Comment
Question by:burningmace
  • 3
5 Comments
 
LVL 31

Accepted Solution

by:
Paranormastic earned 250 total points
ID: 24316398
1) Make sure the access points are on different channels.  Use only base channels of 1,6,11.  Channel 6 is a common default, so having one on channel 1 and the other on 11 is probably best.

2) Is there any difference between users closer to the access points vs. in the middle between them?  They may be skipping between them and not handling that properly.

3) Laptops and server OS are patched up to current including service packs, correct?

4) This is weird that the laptops authenticating causes the (radius?) server to hang.  Have you checked the server's event logs?

5) Try having only one laptop connect over wireless - maybe after hours or something if necessary.  Try a couple more individually in case one of them is causing the issue somehow.

6) Especially with this being a school, are the access points secured using WPA?  Is EAP-TLS being implemented?  If you are relying on WEP or wide open, expect that some of the students may be messing with your server...
0
 
LVL 14

Assisted Solution

by:Shabarinath Ramadasan
Shabarinath Ramadasan earned 250 total points
ID: 24325147
I would like to recommend few things to narrow down the issue.

1) At the time of the issue, check if DC is able to process LDAP queries.
You an try running a simple dsquery command pointing to the server and see the response.

2) Telnet to the LDAP port and see if its responsive
OR Use portqry to see if port 389/3268 is listening.

3) Check if the SYSVOL share is accessible through UNC
ie \\dcname\sysvol should open up from any client at any time.

4) If any of these steps fails, check if the server is over loaded or any process is hung.
Also, disable any Antivirus on the DC, just to ensure that AV is not filtering any requests.

5) Run perfmon from another server and connect to the DC - Just to have a look on the memory / processor Utilization as well as the AD related threads.

IF  YOU ARE NOT ABLE TO LOGIN TO THE SERVER AT THE TIME OF THIS ISSUE - CONCENTRATE ON THE SERVER PERFOMANCE COUNTERS. NO POINT IN CHECKING THE NETWORK AT THIS TIME.

Hope this helps.

Cheerio
Shaba
0
 
LVL 5

Author Comment

by:burningmace
ID: 24325711
I've forwarded the comments you've posted to the guy, should get a response soon.
0
 
LVL 5

Author Comment

by:burningmace
ID: 24370493
No response from him in a while, I'll assume he fixed the issue. I'll split points accordingly.
0
 
LVL 5

Author Closing Comment

by:burningmace
ID: 31578273
Thanks guys.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
Know what services you can and cannot, should and should not combine on your server.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

939 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now