Solved

Active Directory Errors

Posted on 2011-09-07
6
1,683 Views
Last Modified: 2012-06-22
I installed a new server with active directory with the following configuration.  2 - 250 GB Mirrored drives for the C: drive and  3 - 500  GB drives in a raid 5 configuration for a file share.

On the C: drive I have been getting the following active directory errors and my active directory will become corrupt and I have to reboot the server.  If I run a Chkdsk /f /r the errors will not appear for 3 or 4 days. If I do a reboot around 10:00 pm the errors will occur at 3:00 am. when no one is on the system.  IBM says there is no hardware problem, Microsoft says it is "Event ID 482 occurred on DHCP database, DNS database and so on. We can see the same error “failed after 0 seconds with system error 1117 (0x0000045d): 'The request could not be performed because of an I/O device error. '”  Based on these error, it may be caused by the hardware access problem. "   Their solution is to put a new server in.

Could this be a problem with the Mirror Configuration?  Any help would be appreciated.


Log Name:      Directory Service
Source:        NTDS ISAM
Date:          9/7/2011 3:09:42 AM
Event ID:      482
Task Category: General
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      IBMServer.CCHS.ORG
Description:
NTDS (692) NTDSA: An attempt to write to the file "C:\Windows\NTDS\ntds.dit" at offset 13254656 (0x0000000000ca4000) for 8192 (0x00002000) bytes failed after 0 seconds with system error 1117 (0x0000045d): "The request could not be performed because of an I/O device error. ".  The write operation will fail with error -1022 (0xfffffc02).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="NTDS ISAM" />
    <EventID Qualifiers="0">482</EventID>
    <Level>2</Level>
    <Task>1</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-07T08:09:42.000Z" />
    <EventRecordID>802</EventRecordID>
    <Channel>Directory Service</Channel>
    <Computer>IBMServer.CCHS.ORG</Computer>
    <Security />
  </System>
  <EventData>
    <Data>NTDS</Data>
    <Data>692</Data>
    <Data>NTDSA: </Data>
    <Data>C:\Windows\NTDS\ntds.dit</Data>
    <Data>13254656 (0x0000000000ca4000)</Data>
    <Data>8192 (0x00002000)</Data>
    <Data>-1022 (0xfffffc02)</Data>
    <Data>1117 (0x0000045d)</Data>
    <Data>The request could not be performed because of an I/O device error. </Data>
    <Data>0</Data>
  </EventData>
</Event>

Log Name:      Directory Service
Source:        NTDS ISAM
Date:          9/7/2011 3:09:42 AM
Event ID:      417
Task Category: Logging/Recovery
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      IBMServer.CCHS.ORG
Description:
NTDS (692) NTDSA: Unable to write to section 3 while flushing logfile C:\Windows\NTDS\edb.log. Error -1022 (0xfffffc02).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="NTDS ISAM" />
    <EventID Qualifiers="0">417</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-07T08:09:42.000Z" />
    <EventRecordID>804</EventRecordID>
    <Channel>Directory Service</Channel>
    <Computer>IBMServer.CCHS.ORG</Computer>
    <Security />
  </System>
  <EventData>
    <Data>NTDS</Data>
    <Data>692</Data>
    <Data>NTDSA: </Data>
    <Data>C:\Windows\NTDS\edb.log</Data>
    <Data>-1022 (0xfffffc02)</Data>
  </EventData>
</Event>
Log Name:      Directory Service
Source:        NTDS ISAM
Date:          9/7/2011 3:09:42 AM
Event ID:      492
Task Category: Logging/Recovery
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      IBMServer.CCHS.ORG
Description:
NTDS (692) NTDSA: The logfile sequence in "C:\Windows\NTDS\" has been halted due to a fatal error.  No further updates are possible for the databases that use this logfile sequence.  Please correct the problem and restart or restore from backup.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="NTDS ISAM" />
    <EventID Qualifiers="0">492</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-07T08:09:42.000Z" />
    <EventRecordID>805</EventRecordID>
    <Channel>Directory Service</Channel>
    <Computer>IBMServer.CCHS.ORG</Computer>
    <Security />
  </System>
  <EventData>
    <Data>NTDS</Data>
    <Data>692</Data>
    <Data>NTDSA: </Data>
    <Data>C:\Windows\NTDS\</Data>
  </EventData>
</Event>
0
Comment
Question by:Nancy Villa
6 Comments
 
LVL 24

Expert Comment

by:Awinish
Comment Utility
The AD database is corrupted & surely mirror can't be the reason for generating such events.
Did you exclude scanning of AD database/Sysvol by antivirus, if not its a good option to configure it.

I would suggest demote the DC & promote it again. if running chkdsk /r reports an error, it is surely a disk error due to bad sector & you should replace it.
0
 

Author Comment

by:Nancy Villa
Comment Utility
How do you know which one of the two?
0
 
LVL 14

Accepted Solution

by:
Vinchenzo-the-Second earned 500 total points
Comment Utility
I would remove the disk so the mirror switches to other drive, then do ur chkdsk to make sure this drive is ok?  Run dcdiag /v to see if ur AD is corrupt on this drive, if so do a dcpromo.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 24

Expert Comment

by:Awinish
Comment Utility
Well the amber light on the server should tell you for corruption or there is some tool supplied with setup disk for testing hardware/disks/ram etc for servers.

You can remove one disk, run chkdsk by hot swapping it & check it.
0
 
LVL 13

Expert Comment

by:5g6tdcv4
Comment Utility
As a test I would move the AD database to another physical drive on the server.
http://technet.microsoft.com/en-us/library/cc816720%28WS.10%29.aspx
0
 

Author Closing Comment

by:Nancy Villa
Comment Utility
sorry it took so long, it was the hard drive
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

We recently had an issue where out of nowhere, end users started indicating that their logins to our terminal server were just showing a "blank screen." After checking the usual suspects -- profiles, shell=explorer.exe in the registry, userinit.exe,…
I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now