Solved

Network went down completely. Now cant access mapped drives

Posted on 2011-03-15
21
329 Views
Last Modified: 2012-05-11
Hi, I'm tearing my hair out over this one. We've been having occasional network problems up until yesterday, where the network goes down for a few minutes and then comes up back up. Then yesterday everyone loses connection to the server and the internet and it stays down.
First I tried pinging the router from the server, and wasn't getting anything, so I bypassed the switch and plugged the server directly into the router. Then when I pinged the router, it would connect sporadically. Sometimes getting a response and sometimes not. So I figured the router was bad and replaced the router with a known good router. Still had problems pinging the router, so I disconnected the cable connecting the switch to the router, leaving just the server plugged into the router and then it worked fine consistently. At that point the server could access the internet, but as soon as I plugged in the switch, it went down. So I methodically unplugged different cables going into the switch and finally isolated what was apparently causing the server not to function when the switch was connected. At this point all workstations except the one that I had to unplug could : ping the router, access the internet, BUT only some of them could access their mapped drives to the server. The others, when you try to click on them, a request came up to re-enter the user name and password, but when the correct user name and password were entered, the workstation still could not access the mapped drives.
There are a lot of 1054 errors in the event log.
If I look at the DNS on the server, it has all of the old IP addresses, from the workstations PRIOR to the new router and them being assigned new IP addresses.
I have no real experience with DNS and Active directory, but it seems that the problem lies somewhere in that area.
Some of the workstations are set up with the two server IP addresses as the DNS addresses and some are set up with one server IP address as the primary DNS and our ISP's DNS as the secondary DNS address. I dont know if that is relevant.
The server has two NIC cards each with  static IPs. I don't know if these are set up correctly as I get an error about having duplicate names.
Any help you can give me in understanding what's causing this problem and how to fix it would be much appreaciated!
We use Windows Server 2003 (Domain set up). About 35 workstations with Win XP Pro.
0
Comment
Question by:LearningToProgram
  • 11
  • 5
  • 2
  • +2
21 Comments
 
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
Comment Utility
Two NICS has IP on same network segment?
0
 
LVL 7

Expert Comment

by:mmicha
Comment Utility
You mentioned that you swapped the router...  The router may have been doing DHCP for the network and since you switched it the new machines are not getting the proper settings.

The machines need to be using the DNS server most likely running on the server.  If they are not, you may get authentication and can't find issues happening.

Try an ipconfig /all on the client pc's and see if they are on the same subnet as the server and that there settings match what you would expect.
0
 

Author Comment

by:LearningToProgram
Comment Utility
Drashiel: The server has two NICs, and each has a different static IP 192.168.1.10 and 192.168.1.20
mmicha:  The new router has the exact same settings as the old router. the workstations are now all set as follows:
Obtain an IP address automatically
DNS server1: 192.168.1.20
DNS server2: is set to our ISP's dns
This is how they've been set in the past and it worked.
All are on the same subnet
0
 
LVL 31

Accepted Solution

by:
DrUltima earned 400 total points
Comment Utility
OK... Items to remember:

1) It well documented.  AD and DNS Servers should only have one active NIC.  Having multiples causes all kinds of issues.

2) AD should never use outside DNS Servers.  ALL DNS servers/AD controllers should point to themselves as primary and another internal DNS Server as secondary.  If no other internals exist, then just don't have a secondary.

3) AD Integrated DHCP works better than router DHCP in an AD environment.  If you are using anything other than an AD Member server or controller to do you DHCP, you will need to revisit those settings.  DHCP should never lease out any information, such as DNS servers, which are not native to AD (going back to poitn 2).  AD integrated DHCP makes for DNS updating much smoother.

Please look over these three points and let us know if your environment is set up this way or not....

DrUltima
0
 

Author Comment

by:LearningToProgram
Comment Utility
Here's some screen shots from a workstation that cant get onto the network shares. ping-and-ipconfig.pdf NetworkErrors.pdf
0
 

Author Comment

by:LearningToProgram
Comment Utility
Maybe this will help to narrow it down. I did an nslookup for a workstation and the IP address returned was incorrect. It was the IP address that computer had yesterday. So it seems like this would be a problem. How can I get the DNS on the server to update all of the IP addresses?
I did ipconfig /registerdns and it supposedly succeeded, but didn't fix it.
0
 
LVL 31

Assisted Solution

by:DrUltima
DrUltima earned 400 total points
Comment Utility
Your DHCP server is also your gateway.  This is what I was taking about when I indicated that having an AD DHCP server is a better solution.

Are you able to move DHCP from your router to an internal server?

If not, then how is your DNS configured?  Will it allow dynamic updates?  If so, by what machines?

Also, your DHCP server is still farming out your ISP as a secondary DNS server.  Please remove that entry from your DHPC lease.  Having that in there can cause your registerdns to fail.
0
 

Author Comment

by:LearningToProgram
Comment Utility
Hi DrUltima,
I'm not very familiar with the details of AD and the DNS.
Since the router has always been the source of the DHCP, I would like to leave that as-is for now, and try to get the network back up running, and then experiment with making it better. It did work up until yesterday for most of the time (like it would go for a week or so). Now nobody can access the server (except one person for some reason).
1. Can you tell me how I would find out if the DNS allows dynamic updates?  I did just try manually updating one of the entries to the correct ip address, and rebooted that computer so that is shows up correctly with  nslookup. That computer still can't get to network shares, so it looks like there is a different problem.
2.The router (dhcp server) is not handling out dns addresses. These are both entered into each workstations network connections. the priimary is entered with the servers ip and the secondary is entered with the ips's dns.  I dont know why--that's how it was when I took over from the former person handling the network.

0
 
LVL 31

Assisted Solution

by:DrUltima
DrUltima earned 400 total points
Comment Utility
At the end of the day, whether leased by DHCP or statically assigned, no NON-AD DNS servers should be listed in the NIC properties in an AD enterprise.

In your DNS console, right click on the domain Zone under Forward Lookup Zones.  First tab is General.  Dynamic Updates is a drop down.  What is that setting?  Same with Reverse Lookup Zones?

DrUltima
0
 

Author Comment

by:LearningToProgram
Comment Utility
they are both set to 'secure only' for the dynamic updates
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:LearningToProgram
Comment Utility
I removed the isp dns addresses from the router and entered the servers dns address.
And I've removed the isp dns addresses from the workstations.
Then i put the isp's dns addresses into the servers dns Zone transfers -- I assume this is where they were supposed to go.
Still the same situation: 3 computers have access to the server shared folders, and the remaining 30+ have no access -- just internet access.
0
 

Author Comment

by:LearningToProgram
Comment Utility
Okay here's some more information. When I removed the cached login credentials on a workstation by setting the number of cached to 0, I could not longer log in to the domain. getting the error "the system cannot log you on now because the domain xxx is not available."
0
 

Author Comment

by:LearningToProgram
Comment Utility
I then ran the DCDIAGS diagnostic tool and this is the log file. Can you help me figure out how to fix these?


Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\ULAN-SERVER
      Starting test: Connectivity
         ......................... ULAN-SERVER passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\ULAN-SERVER
      Starting test: Replications
         ......................... ULAN-SERVER passed test Replications
      Starting test: NCSecDesc
         ......................... ULAN-SERVER passed test NCSecDesc
      Starting test: NetLogons
         Unable to connect to the NETLOGON share! (\\ULAN-SERVER\netlogon)
         [ULAN-SERVER] An net use or LsaPolicy operation failed with error 1203, No network provider accepted the given network path..
         ......................... ULAN-SERVER failed test NetLogons
      Starting test: Advertising
         Fatal Error:DsGetDcName (ULAN-SERVER) call failed, error 1355
         The Locator could not find the server.
         ......................... ULAN-SERVER failed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... ULAN-SERVER passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... ULAN-SERVER passed test RidManager
      Starting test: MachineAccount
         ......................... ULAN-SERVER passed test MachineAccount
      Starting test: Services
         ......................... ULAN-SERVER passed test Services
      Starting test: ObjectsReplicated
         ......................... ULAN-SERVER passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... ULAN-SERVER passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the

         SYSVOL has been shared.  Failing SYSVOL replication problems may cause

         Group Policy problems.
         ......................... ULAN-SERVER failed test frsevent
      Starting test: kccevent
         ......................... ULAN-SERVER passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 03/15/2011   20:46:39
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 03/15/2011   20:46:42
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 03/15/2011   21:09:57
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 03/15/2011   21:16:27
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 03/15/2011   21:21:32
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 03/15/2011   21:21:33
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 03/15/2011   21:21:37
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 03/15/2011   21:21:38
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 03/15/2011   21:21:38
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 03/15/2011   21:21:38
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 03/15/2011   21:21:39
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0xC00010DF
            Time Generated: 03/15/2011   21:26:34
            (Event String could not be retrieved)
         ......................... ULAN-SERVER failed test systemlog
      Starting test: VerifyReferences
         ......................... ULAN-SERVER passed test VerifyReferences
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : UNS
      Starting test: CrossRefValidation
         ......................... UNS passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... UNS passed test CheckSDRefDom
   
   Running enterprise tests on : UNS.lan
      Starting test: Intersite
         ......................... UNS.lan passed test Intersite
      Starting test: FsmoCheck
         Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
         A Global Catalog Server could not be located - All GC's are down.
         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
         A Time Server could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
         A Good Time Server could not be located.
         Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
         A KDC could not be located - All the KDCs are down.
         ......................... UNS.lan failed test FsmoCheck
0
 
LVL 31

Assisted Solution

by:DrUltima
DrUltima earned 400 total points
Comment Utility
You are getting those failures because of DNS problems.

Is your DNS Server also your AD controller?  Is DNS AD Integrated or not?
0
 
LVL 8

Assisted Solution

by:dosdet2
dosdet2 earned 100 total points
Comment Utility
My gut is telling me that the router is doing DHCP and the Server is doing DHCP, both on the same subnet.  That would explain the sometimes working and sometimes not and also the different IP's being assigned in the DNS.  
Here's the test.
Try going into the router and check to see if the DHCP server is turned on?  If it is, turn it off and then, from a workstation, do an ipconfig /release (from a command prompt) then do an ipconfig /renew - does it get an IP address?  If not, you can turn the router DHCP server back on.  If it does, reboot some of the other workstations and see if they work OK.

Also, as mentioned above,  if both NICs on your server are hooked up to the same subnet, you need to unplug one of them.
2¢ worth...


0
 
LVL 8

Expert Comment

by:dosdet2
Comment Utility
One more thought.  If you haven't already, change out your key network cables.  Between the server & switch particularity - just to eliminate a possible cable problem.
0
 

Author Comment

by:LearningToProgram
Comment Utility
How can I tell if Is my DNS Server also my AD controller?  Is DNS AD Integrated or not?
0
 
LVL 31

Expert Comment

by:DrUltima
Comment Utility
The IP address you are using for DNS... Is it the same IP address as your Domain Controller?  As far as Integrated or not, just look at the properties for the DNS Zone.
0
 

Author Comment

by:LearningToProgram
Comment Utility
Hi Dosdet2, thanks for your input. I tried your suggestion on the dhcp on the router, and there is no other dhcp server active, so it rules that out.
On the 2 NICs on the server--if I only use one, then what do I use for the secondary DNS address in the router and on each workstation?  Thanks.
0
 

Author Closing Comment

by:LearningToProgram
Comment Utility
Thanks for your help so far.  I've been able to narrow the problem down, so I'm going to close this thread and open a new one as this one is getting very long.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now