Windows 2003 AD and DC Errors - Need some help!
Hello All.
I have a very long winded situation here so let me just start by saying that I am new to the company as Network Administrator.
Currently staffed are another Desktop Admin, and IT Manager - There is absolutely no communication in this team.
We have the following implementation:
Head Office is ServerDC and ServerDC1 - both 2003 Running Exchange 2007.
ServerDC is the Operations,RID, Schema Master, DHCP, DNS etc.
Also we have DFS running for data availability and replication
We have 10 Remote site locations which do not have their own internet connection. They connect via an MPLS and out to the internet.
Problem:
Yesterday out of the blue, no on can access file shares: The "fileserver" which is the host of the namespace locks up. I did the necessary testing then decided to reboot the server. Once the server restarted, NO One could get any of the mapped drives, or DFS data.
The file server was giving errors in Event Viewer that the local drive G and H have been deleted or disabled.
While im looking into this, one of my co-workers reboots ServerDC.
After that reboot, no one could log in!!
I found that on ServerDC1 the NETLOGIN service was stuck "starting". Once i restarted it everything was back online.
BUT now I have all sorts of errors:
1. User machines showing up in DC event logs - Security Database rejected
2. Autoenrollment from all Site office Domain Controllers
3. Warnings about FRS not being able to resolve DNS names.
4. The DNS server encountered an invalid domain name in a packet from x.x.x.x.
I decided to run the command Set Logonserver to see what server a few users are authenticating against. Its a split - either DC or DC1 is this normal??
5. The session setup from computer 'username' failed because the security database does not contain a trust account 'user$' referenced by the specified computer.
Thank god Exchange was not at all interrupted or errors!
This is a mess!
I have a very long winded situation here so let me just start by saying that I am new to the company as Network Administrator.
Currently staffed are another Desktop Admin, and IT Manager - There is absolutely no communication in this team.
We have the following implementation:
Head Office is ServerDC and ServerDC1 - both 2003 Running Exchange 2007.
ServerDC is the Operations,RID, Schema Master, DHCP, DNS etc.
Also we have DFS running for data availability and replication
We have 10 Remote site locations which do not have their own internet connection. They connect via an MPLS and out to the internet.
Problem:
Yesterday out of the blue, no on can access file shares: The "fileserver" which is the host of the namespace locks up. I did the necessary testing then decided to reboot the server. Once the server restarted, NO One could get any of the mapped drives, or DFS data.
The file server was giving errors in Event Viewer that the local drive G and H have been deleted or disabled.
While im looking into this, one of my co-workers reboots ServerDC.
After that reboot, no one could log in!!
I found that on ServerDC1 the NETLOGIN service was stuck "starting". Once i restarted it everything was back online.
BUT now I have all sorts of errors:
1. User machines showing up in DC event logs - Security Database rejected
2. Autoenrollment from all Site office Domain Controllers
3. Warnings about FRS not being able to resolve DNS names.
4. The DNS server encountered an invalid domain name in a packet from x.x.x.x.
I decided to run the command Set Logonserver to see what server a few users are authenticating against. Its a split - either DC or DC1 is this normal??
5. The session setup from computer 'username' failed because the security database does not contain a trust account 'user$' referenced by the specified computer.
Thank god Exchange was not at all interrupted or errors!
This is a mess!
ASKER
DCDIAG
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\WINDOWS\system32>dcdiag
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: HeadOffice\ServerDC
Starting test: Connectivity
......................... ServerDC passed test Connectivity
Doing primary tests
Testing server: HeadOffice\ServerDC
Starting test: Replications
......................... ServerDC passed test Replications
Starting test: NCSecDesc
......................... ServerDC passed test NCSecDesc
Starting test: NetLogons
......................... ServerDC passed test NetLogons
Starting test: Advertising
......................... ServeDC passed test Advertising
Starting test: KnowsOfRoleHolders
......................... ServerDC passed test KnowsOfRoleHolders
Starting test: RidManager
......................... ServerDC passed test RidManager
Starting test: MachineAccount
......................... ServeDC passed test MachineAccount
Starting test: Services
......................... ServeDC passed test Services
Starting test: ObjectsReplicated
......................... ServeDC passed test ObjectsReplicated
Starting test: frssysvol
......................... ServeDC passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... ServeDC failed test frsevent
Starting test: kccevent
......................... ServeDC passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x40011006
Time Generated: 04/23/2010 14:22:03
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:36:06
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:36:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:36:08
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:36:08
(Event String could not be retrieved)
An Error Event occured. EventID: 0x40011006
Time Generated: 04/23/2010 14:51:42
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:58:11
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:58:13
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:58:15
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:58:15
(Event String could not be retrieved)
......................... ServeDC failed test systemlog
Starting test: VerifyReferences
......................... ServeDC passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : "our domain"
Starting test: CrossRefValidation
......................... Our domain passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Our Domain passed test CheckSDRefDom
Running enterprise tests on : ourdomain.com
Starting test: Intersite
......................... ourdomain.com passed test Intersite
Starting test: FsmoCheck
......................... ourdomain.com passed test FsmoCheck
DNS Event Logs
The DNS server timed out attempting an Active Directory service operation on DC=28,DC=X.0.10.in-addr.ar
The DNS server timed out attempting an Active Directory service operation on DC=APIKEnew,DC=ourdomain.c
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\WINDOWS\system32>dcdiag
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: HeadOffice\ServerDC
Starting test: Connectivity
......................... ServerDC passed test Connectivity
Doing primary tests
Testing server: HeadOffice\ServerDC
Starting test: Replications
......................... ServerDC passed test Replications
Starting test: NCSecDesc
......................... ServerDC passed test NCSecDesc
Starting test: NetLogons
......................... ServerDC passed test NetLogons
Starting test: Advertising
......................... ServeDC passed test Advertising
Starting test: KnowsOfRoleHolders
......................... ServerDC passed test KnowsOfRoleHolders
Starting test: RidManager
......................... ServerDC passed test RidManager
Starting test: MachineAccount
......................... ServeDC passed test MachineAccount
Starting test: Services
......................... ServeDC passed test Services
Starting test: ObjectsReplicated
......................... ServeDC passed test ObjectsReplicated
Starting test: frssysvol
......................... ServeDC passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... ServeDC failed test frsevent
Starting test: kccevent
......................... ServeDC passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x40011006
Time Generated: 04/23/2010 14:22:03
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:36:06
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:36:07
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:36:08
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:36:08
(Event String could not be retrieved)
An Error Event occured. EventID: 0x40011006
Time Generated: 04/23/2010 14:51:42
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:58:11
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:58:13
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:58:15
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 04/23/2010 14:58:15
(Event String could not be retrieved)
......................... ServeDC failed test systemlog
Starting test: VerifyReferences
......................... ServeDC passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : "our domain"
Starting test: CrossRefValidation
......................... Our domain passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Our Domain passed test CheckSDRefDom
Running enterprise tests on : ourdomain.com
Starting test: Intersite
......................... ourdomain.com passed test Intersite
Starting test: FsmoCheck
......................... ourdomain.com passed test FsmoCheck
DNS Event Logs
The DNS server timed out attempting an Active Directory service operation on DC=28,DC=X.0.10.in-addr.ar
The DNS server timed out attempting an Active Directory service operation on DC=APIKEnew,DC=ourdomain.c
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
You can do the upgrade without any problems. I did it to on my system. You can visit this website for more information:
http://osxdaily.com/2009/08/28/mac-os-x-106-snow-leopard-upgrade-works-on-tiger-104-machines/
Your performance will not be effected in any way, i have the same configuration and i find my system booting en working faster then before.
Hope this helps
Onkt
I dont see how your information helped at all onkt.
Looks like its a problem with DNS initially which is affecting AD.
Looks like its a problem with DNS initially which is affecting AD.
check your DC's event log i.e. security log whether it is full
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Did you run a dcdiag already? If so, can you share your findings? Tx
Check your DNS server and the event logs. What are you findings there?