Windows 2003 AD and DC Errors - Need some help!

Hello All.

I have a very long winded situation here so let me just start by saying that I am new to the company as Network Administrator.
Currently staffed are another Desktop Admin, and IT Manager - There is absolutely no communication in this team.

We have the following implementation:
Head Office is ServerDC and ServerDC1 - both 2003  Running Exchange 2007.
ServerDC is the Operations,RID, Schema Master, DHCP, DNS etc.
Also we have DFS running for data availability and replication

We have 10 Remote site locations which do not have their own internet connection. They connect via an MPLS and out to the internet.

Problem:
Yesterday out of the blue, no on can access file shares:  The "fileserver" which is the host of the namespace locks up.  I did the necessary testing then decided to reboot the server. Once the server restarted, NO One could get any of the mapped drives, or DFS data.
The file server was giving errors in Event Viewer that the local drive G and H have been deleted or disabled.
While im looking into this, one of my co-workers reboots ServerDC.  
After that reboot, no one could log in!!
I found that on ServerDC1 the NETLOGIN service was stuck "starting".  Once i restarted it everything was back online.
BUT now I have all sorts of errors:

1. User machines showing up in DC event logs - Security Database rejected

2. Autoenrollment from all Site office Domain Controllers

3. Warnings about FRS not being able to resolve DNS names.

4. The DNS server encountered an invalid domain name in a packet from x.x.x.x.
I decided to run the command Set Logonserver to see what server a few users are authenticating against.  Its a split - either DC or DC1  is this normal??

5. The session setup from computer 'username' failed because the security database does not contain a trust account 'user$' referenced by the specified computer.  


Thank god Exchange was not at all interrupted or errors!
This is a mess!
LVL 2
camoITAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

g000seCommented:
Hi,

Did you run a dcdiag already?  If so, can you share your findings?  Tx

Check your DNS server and the event logs.  What are you findings there?
0
camoITAuthor Commented:
DCDIAG
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\WINDOWS\system32>dcdiag

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: HeadOffice\ServerDC
      Starting test: Connectivity
         ......................... ServerDC passed test Connectivity

Doing primary tests

   Testing server: HeadOffice\ServerDC
      Starting test: Replications
         ......................... ServerDC passed test Replications
      Starting test: NCSecDesc
         ......................... ServerDC passed test NCSecDesc
      Starting test: NetLogons
         ......................... ServerDC passed test NetLogons
      Starting test: Advertising
         .........................  ServeDC passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... ServerDC passed test KnowsOfRoleHolders
      Starting test: RidManager
         .........................  ServerDC passed test RidManager
      Starting test: MachineAccount
         .........................  ServeDC passed test MachineAccount
      Starting test: Services
         .........................  ServeDC passed test Services
      Starting test: ObjectsReplicated
         .........................  ServeDC passed test ObjectsReplicated
      Starting test: frssysvol
         .........................  ServeDC passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         .........................  ServeDC failed test frsevent
      Starting test: kccevent
         .........................  ServeDC passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x40011006
            Time Generated: 04/23/2010   14:22:03
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 04/23/2010   14:36:06
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 04/23/2010   14:36:07
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 04/23/2010   14:36:08
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 04/23/2010   14:36:08
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x40011006
            Time Generated: 04/23/2010   14:51:42
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 04/23/2010   14:58:11
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 04/23/2010   14:58:13
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 04/23/2010   14:58:15
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 04/23/2010   14:58:15
            (Event String could not be retrieved)
         .........................  ServeDC failed test systemlog
      Starting test: VerifyReferences
         .........................  ServeDC passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : "our domain"
      Starting test: CrossRefValidation
         ......................... Our domain passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Our Domain passed test CheckSDRefDom

   Running enterprise tests on : ourdomain.com
      Starting test: Intersite
         ......................... ourdomain.com passed test Intersite
      Starting test: FsmoCheck
         ......................... ourdomain.com passed test FsmoCheck


DNS Event Logs

The DNS server timed out attempting an Active Directory service operation on DC=28,DC=X.0.10.in-addr.arpa,cn=MicrosoftDNS,DC=DomainDnsZones,DC=ourdomain,DC=com.  Check Active Directory to see that it is functioning properly. The event data contains the error.

The DNS server timed out attempting an Active Directory service operation on DC=APIKEnew,DC=ourdomain.com,cn=MicrosoftDNS,cn=System,DC ourdomain,DC=com.  Check Active Directory to see that it is functioning properly. The event data contains the error.

The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

0
onktCommented:

You can do the upgrade without any problems. I did it to on my system. You can visit this website for more information:
http://osxdaily.com/2009/08/28/mac-os-x-106-snow-leopard-upgrade-works-on-tiger-104-machines/
Your performance will not be effected in any way, i have the same configuration and i find my system booting en working faster then before.

Hope this helps

Onkt
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

ry_berkCommented:
I dont see how your information helped at all onkt.

Looks like its a problem with DNS initially which is affecting AD.
0
eridzoneCommented:
check your DC's event log i.e. security log whether it is full
0
ARK-DSCommented:
Hello,

Ofcourse it can be a DNS issue so, first check the DNS events and check DNS configuration.

I would like to know one more thing. Have you looked into the matter with Local Drives on File Server?
It may be a mixed/multiple issue situation. How many replica members are replicating DFS replicas? (Apart from FileServer).

Copy DFSUTIL from any DC having resource kit to any client machine having issues with DFS access (while G and H drives are disconnected on FileServer).
 
Then run these commands on client machine:

DFSUTIL /PURGEMUPCACHE
DFSUTIL /SPCFLUSH
DFSUTIL /PKTFLUSH

this will clear the cache of DFS from client machine and it will ask the clinet machines to poll AD again to look for a replica member.

Do report any DNS errors.

Regards,

Arun.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.