Solved

Event ID 4015 -- functioning active directory

Posted on 2009-05-13
Last Modified: 2012-05-06
Hello all, new user here, first post.

I have been banging my head against the wall on this one, can't find any information on this that makes sense to me.

We have 2 domain controllers, both Win2k3 with latest SP and security updates.  Recently, about a month ago, we started experiencing DNS/Active Directory issues with our Mac clients.  We found a workaround, but now our VPN users are having errors that are leading me to believe our domain controllers/Active Directory are corrupt or not functioning properly.

I've gone into the event view and started noticing event id 4015 in the DNS Server and in Directory Service event ID 1168.

I'm fairly new to administering Active Directory and Domain Controllers, so any help would be greatly appreciated.

nix-IT
0
Question by:nix-IT
10 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24378172
What are the actual problems the VPN users are having?  Are they having issues accessing email or file shares?
Thanks
Mike
0
 

Author Comment

by:nix-IT
ID: 24378233
The users can't access their email or the file shares and the problem is intermittent.  I've been working with our VPN service provider for the past 2 weeks, and they claim nothing has changed.  The VPN service providers state that it could be a DNS issue.

The users can sometimes access the shares by share name, but when they can't, they can access them by IP address.

Today a user can't access any of the shares by IP or name.

nix-IT

0
 

Author Comment

by:nix-IT
ID: 24378834
More on this issue.  During my searching online, I found a Microsoft article that stated to check the Active Directory database location with the following command:

ntdsutil files info

This returned the location of:

c:\windows\ntds and the database file.  I confirmed that the database file is in that location with a current date/time stamp.

Not sure if this helps.

Look forward to some responses.

nix-IT
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24379181
We have had something similar with users when they VPN in (Outlook/mail issues).  What we are trying is forcing the clients to use TCP for Kerberos (it is helping).

http://support.microsoft.com/kb/244474 
How to force Kerberos to use TCP instead of UDP in Windows

http://blogs.technet.com/askds/archive/2008/03/06/kerberos-for-the-busy-admin.aspx

"A common problem is that routers will arbitrarily fragment UDP packets; when this happens the Kerberos ticket request packets are discarded by the KDC. Windows Vista and Windows Server 2008 now default to using TCP for Kerberos ticket requests"
 
May want to try that registry change on one or two test machines.
Thanks
Mike
0
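
The registry change from KB 244474 mentioned in the comment above, as an added PowerShell example that is not part of the original thread. It uses the value the KB documents (MaxPacketSize = 1 under the Kerberos Parameters key) and is meant to be run locally on a test client; the $Apply variable is introduced here.

```powershell
# Added example, not from the thread. Run in an elevated Windows PowerShell
# session on the test client. Value name and path are from KB 244474.
$Path  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters'
$Name  = 'MaxPacketSize'
$Apply = $false   # assumption: set to $true only on the one or two test machines

# Read the current value; $null means the value is absent and the OS default applies.
$current = (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name

if ($null -eq $current) {
    Write-Output "$Name is not set; this Windows version's default transport applies."
} elseif ($current -eq 1) {
    Write-Output "$Name = 1; Kerberos ticket requests are forced onto TCP."
} else {
    Write-Output "$Name = $current; not the value KB 244474 prescribes for forcing TCP."
}

if ($Apply -and $current -ne 1) {
    # Create the key if it is missing, then write the DWORD value from the KB.
    if (-not (Test-Path $Path)) { New-Item -Path $Path -Force | Out-Null }
    New-ItemProperty -Path $Path -Name $Name -PropertyType DWord -Value 1 -Force | Out-Null
    Write-Output "Set $Name to 1 (previous value: '$current'). Restart, then retest over the VPN."
}
```

Noting the previous value before applying makes it easy to roll the test machines back if the change does not help.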
 
LVL 3

Expert Comment

by:ISWSIMBX
ID: 24379359
Can you post the contents of the 4015 event?  Was anything changed with your Active Directory or DNS about a month ago?
0
 

Author Comment

by:nix-IT
ID: 24379425
Here are the contents:

Event Type:      Error

Event Source:      DNS

Event Category:      None

Event ID:      4015

Date:            5/13/2009

Time:            12:35:54 PM

User:            N/A

Computer:      SRVPDC

Description:

The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Data:

0000: 00000051
------------------------------------------

In directory service, I also see event id: 1168, with the contents:

Event Type:      Error

Event Source:      NTDS General

Event Category:      Internal Processing

Event ID:      1168

Date:            5/13/2009

Time:            12:45:16 PM

User:            NT AUTHORITY\ANONYMOUS LOGON

Computer:      SRVPDC

Description:

Internal error: An Active Directory error has occurred.

 

Additional Data

Error value (decimal):

1053

Error value (hex):

41d

Internal ID:

3000502

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

----------------------

Not sure if this helps.

Thanx all for your help.

nix-IT
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24379565
Does the 4015 event happen after a reboot/restart?  Are you pointing the boxes to themselves for primary DNS?
Thanks
Mike
0
 

Author Comment

by:nix-IT
ID: 24379598
Yes, this happens after a reboot, and yes, they are pointing to themselves.

I want to clarify, I did not set up the domain controllers or these DNS servers.  :)

nix-IT

0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 24379646
Well, setting them up to point to themselves is OK, but I've seen this 4015 before and you will hear it called the "race condition" problem.  So DNS and AD are both trying to start and they depend on each other and then they fail.
Try pointing to each other for primary and to themselves as secondary and then during your next maintenance cycle reboot one of the boxes and see if you get the 4015 errors still.
Then reboot the other and observe the results.
We have had luck with that configuration on our DCs that had this issue.
Thanks
Mike
0
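
The change suggested in the accepted answer (each DC uses the other as primary DNS and itself as secondary), as an added PowerShell example that is not part of the original thread. The DC names, the 192.0.2.x addresses and the $Apply and $Since variables are placeholders introduced here; the script also counts event 4015 so the result can be compared after each reboot.

```powershell
# Added example, not from the thread. DC names and addresses are placeholders.
# Uses Get-WmiObject and Get-EventLog, so run it in Windows PowerShell (not PowerShell 7).
$Dcs   = [ordered]@{ 'DC1' = '192.0.2.10'; 'DC2' = '192.0.2.11' }
$Apply = $false                       # $true writes the new order; use a maintenance window
$Since = (Get-Date).AddDays(-1)       # look-back window for event 4015

foreach ($name in $Dcs.Keys) {
    $self    = $Dcs[$name]
    $partner = @($Dcs.Values | Where-Object { $_ -ne $self })[0]
    $wanted  = [string[]]@($partner, $self)   # partner as primary, self as secondary

    # Only the adapter that carries this DC's own address is relevant.
    $nics = Get-WmiObject Win32_NetworkAdapterConfiguration -ComputerName $name `
                -Filter 'IPEnabled = TRUE' |
            Where-Object { $_.IPAddress -contains $self }

    foreach ($nic in $nics) {
        $current   = @($nic.DNSServerSearchOrder | Where-Object { $_ })
        $inPlace   = ($current -join ',') -eq ($wanted -join ',')
        $selfFirst = ($current.Count -gt 0) -and ($current[0] -in @($self, '127.0.0.1'))

        $status = 'ok'
        if (-not $inPlace) { $status = if ($selfFirst) { 'self-first' } else { 'other' } }
        if ($Apply -and -not $inPlace) {
            $rc = $nic.SetDNSServerSearchOrder($wanted).ReturnValue   # 0 = success
            $status = "changed (rc=$rc)"
        }

        # Count DNS event 4015 since $Since to compare before and after the reboot.
        $hits = @(Get-EventLog -LogName 'DNS Server' -ComputerName $name `
                      -EntryType Error -After $Since -ErrorAction SilentlyContinue |
                  Where-Object { $_.EventID -eq 4015 }).Count

        [pscustomobject]@{
            DC = $name; Adapter = $nic.Description; Current = $current -join ', '
            Wanted = $wanted -join ', '; Status = $status; Event4015 = $hits
        }
    }
}
```

Run it once with $Apply left at $false to record the current order, then again after each reboot with $Since set to the reboot time to see whether 4015 still appears.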
 

Author Comment

by:nix-IT
ID: 24379661
Mike,

Thanks, I will give this a shot and report back in the AM.

nix-IT
0
