Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

AD vanishing act

Posted on 2010-01-04
4
Medium Priority
?
357 Views
Last Modified: 2012-05-08
Today we've had ongoing issues with a windows 2003 based network. The network has seen strange issues with XP based workstations hanging at "applying computer settings" for at least 20 minutes before finally showing the desktop. The workstations would then be unable to access any network files. The network folders showed normally, they could view the contents of any folder, but when they tried an excel file, for example, Excel just said "downloading <filename>" and sat there and explorer would stop responding.

We have an EE post of the issue here:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_25017141.html

The situation got worse later on in the day and the reason I've created a new EE post is that I'm not sure the issues are related or just very poor coincidence.

At about 4pm suddenly the server just stopped responding. Email (it runs Exchange) says it couldnt find the server. DNS appeared not to work for the network. RDP to the server failed at the same time. The event log at that time gets jammed with loads of errors from apps reporting that suddenly there were no Active Directory servers available. However, the first few logs are included below. In the end we had to cold reboot the server by removing the power cable. When it came back up everything, including the other issues from the previous EE post, was back and working again.

Does anyone know of a way to fault find the cause of this or perhaps view some other log files somewhere that may give an indication as to the cause?

******************************************
Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4016
Date:            04/01/2010
Time:            15:57:39
User:            N/A
Computer:      myserver
Description:
The DNS server timed out attempting an Active Directory service operation on DC=desktop9,DC=domain.local,cn=MicrosoftDNS,DC=DomainDnsZones,DC=domain,DC=local.  Check Active Directory to see that it is functioning properly. The event data contains the error.

Data:
0000: 55 00 00 00               U...    
***********************************
Event Type:      Warning
Event Source:      NTDS General
Event Category:      Global Catalog
Event ID:      1655
Date:            04/01/2010
Time:            16:44:52
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      myserver
Description:
Active Directory attempted to communicate with the following global catalog and the attempts were unsuccessful.
 
Global catalog:
\\myserver.domain.local
 
The operation in progress might be unable to continue. Active Directory will use the domain controller locator to try to find an available global catalog server.
 
Additional Data
Error value:
1818 The remote procedure call was cancelled.
*****************************************
Event Type:      Error
Event Source:      MSExchange ADAccess
Event Category:      Topology
Event ID:      2102
Date:            04/01/2010
Time:            16:00:10
User:            N/A
Computer:      myserver
Description:
Process MAD.EXE (PID=2832). All Domain Controller Servers in use are not responding:
myserver.domain.local
0
Comment
Question by:stonneway
  • 2
4 Comments
 
LVL 19

Expert Comment

by:PeteJThomas
ID: 26179056
Sounds like a DNS issue from the start (though I haven't looked at the other Q yet). But certainly I'd say every problem you mentioned in this particular Q likely stem from some sort of DNS issue.

Can you run a dcdiag /test:DNS on the DC, check everything passes ok, and post the results here too?

Cheers,

Pete
0
 
LVL 1

Author Comment

by:stonneway
ID: 26179206
Not much to see I'm afraid. In normal usage the network behaves very well.


Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\myserver
      Starting test: Connectivity
         ......................... myserver passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\myserver

DNS Tests are running and not hung. Please wait a few minutes...
   
   Running partition tests on : ForestDnsZones
   
   Running partition tests on : DomainDnsZones
   
   Running partition tests on : Schema
   
   Running partition tests on : Configuration
   
   Running partition tests on : domain
   
   Running enterprise tests on : domain.local
      Starting test: DNS
         ......................... domain.local passed test DNS
0
 
LVL 19

Expert Comment

by:PeteJThomas
ID: 26179350
Hmmmm... If this is the only DC in the domain, and also runs Exchange and acts as the file server etc, there are many many possibilities - The OS could simply have had a 'wobbly', and brought everything else down with it.

You might want to check for disk errors etc, in case one of the disks in the server is on it's way out or something... Other than that, if there are no more errors in the event logs, I can't even think where to start really!

What was showing on the actual console of the server once it had 'failed' completely (i.e. just prior to the hard boot you did)?

Pete
0
 
LVL 7

Accepted Solution

by:
himvy earned 2000 total points
ID: 26288110


Are there any LSASRV or netlogon events in the event viewer on the server?
If yes then ,apply the fix in the following kb's and reboot the server:
http://support.microsoft.com/kb/938449
http://support.microsoft.com/kb/244474

-Let us know the end results.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Let's recap what we learned from yesterday's Skyport Systems webinar.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question