Our primary domain controller, which has the FSMO roles on it, stops authenticating users periodically. The server appears to be working OK and, all of a sudden, we will get calls that users are unable to log into different programs. Also, once this happens, we are unable to quickly navigate to \\servername\netlogon. It will take several minutes for it to come up. Once we reboot the server, everything is fine for about 4 hours, give or take an hour.
Have you seen anything like this or have any suggestions as to where to check? We have run dcdiag on the server and everything looks fine.
One thing I have seen is consistent Event 4010 errors:
The DNS server was unable to create a resource record for x.x.xx.in-addr.arpa. in zone 10.in-addr.arpa. The Active Directory definition of this resource record is corrupt or contains an invalid DNS name. The event data contains the error.
The DNS server timed out attempting an Active Directory service operation on DC=_ldap._tcp.d7f56b51-2178-4c18-b7cf-ca0d9e677278.domains,DC=_msdcs.xxxx.ad,cn=MicrosoftDNS,DC=ForestDnsZones,DC=xxxx,DC=ad. Check Active Directory to see that it is functioning properly. The event data contains the error.
The DNS server timed out attempting an Active Directory service operation on DC=x,DC=x.x.x.in-addr.arpa,cn=MicrosoftDNS,cn=System,DC=xxxxDC=ad. Check Active Directory to see that it is functioning properly. The event data contains the error.
Also, our firewall logs show that our DNS servers are making constant requests out to the internet to the Auth servers.
Penny for your thoughts...