Solved

Active Directory Errors

Posted on 2011-09-07
6
1,823 Views
Last Modified: 2012-06-22
I installed a new server with active directory with the following configuration.  2 - 250 GB Mirrored drives for the C: drive and  3 - 500  GB drives in a raid 5 configuration for a file share.

On the C: drive I have been getting the following active directory errors and my active directory will become corrupt and I have to reboot the server.  If I run a Chkdsk /f /r the errors will not appear for 3 or 4 days. If I do a reboot around 10:00 pm the errors will occur at 3:00 am. when no one is on the system.  IBM says there is no hardware problem, Microsoft says it is "Event ID 482 occurred on DHCP database, DNS database and so on. We can see the same error “failed after 0 seconds with system error 1117 (0x0000045d): 'The request could not be performed because of an I/O device error. '”  Based on these error, it may be caused by the hardware access problem. "   Their solution is to put a new server in.

Could this be a problem with the Mirror Configuration?  Any help would be appreciated.


Log Name:      Directory Service
Source:        NTDS ISAM
Date:          9/7/2011 3:09:42 AM
Event ID:      482
Task Category: General
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      IBMServer.CCHS.ORG
Description:
NTDS (692) NTDSA: An attempt to write to the file "C:\Windows\NTDS\ntds.dit" at offset 13254656 (0x0000000000ca4000) for 8192 (0x00002000) bytes failed after 0 seconds with system error 1117 (0x0000045d): "The request could not be performed because of an I/O device error. ".  The write operation will fail with error -1022 (0xfffffc02).  If this error persists then the file may be damaged and may need to be restored from a previous backup.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="NTDS ISAM" />
    <EventID Qualifiers="0">482</EventID>
    <Level>2</Level>
    <Task>1</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-07T08:09:42.000Z" />
    <EventRecordID>802</EventRecordID>
    <Channel>Directory Service</Channel>
    <Computer>IBMServer.CCHS.ORG</Computer>
    <Security />
  </System>
  <EventData>
    <Data>NTDS</Data>
    <Data>692</Data>
    <Data>NTDSA: </Data>
    <Data>C:\Windows\NTDS\ntds.dit</Data>
    <Data>13254656 (0x0000000000ca4000)</Data>
    <Data>8192 (0x00002000)</Data>
    <Data>-1022 (0xfffffc02)</Data>
    <Data>1117 (0x0000045d)</Data>
    <Data>The request could not be performed because of an I/O device error. </Data>
    <Data>0</Data>
  </EventData>
</Event>

Log Name:      Directory Service
Source:        NTDS ISAM
Date:          9/7/2011 3:09:42 AM
Event ID:      417
Task Category: Logging/Recovery
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      IBMServer.CCHS.ORG
Description:
NTDS (692) NTDSA: Unable to write to section 3 while flushing logfile C:\Windows\NTDS\edb.log. Error -1022 (0xfffffc02).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="NTDS ISAM" />
    <EventID Qualifiers="0">417</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-07T08:09:42.000Z" />
    <EventRecordID>804</EventRecordID>
    <Channel>Directory Service</Channel>
    <Computer>IBMServer.CCHS.ORG</Computer>
    <Security />
  </System>
  <EventData>
    <Data>NTDS</Data>
    <Data>692</Data>
    <Data>NTDSA: </Data>
    <Data>C:\Windows\NTDS\edb.log</Data>
    <Data>-1022 (0xfffffc02)</Data>
  </EventData>
</Event>
Log Name:      Directory Service
Source:        NTDS ISAM
Date:          9/7/2011 3:09:42 AM
Event ID:      492
Task Category: Logging/Recovery
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      IBMServer.CCHS.ORG
Description:
NTDS (692) NTDSA: The logfile sequence in "C:\Windows\NTDS\" has been halted due to a fatal error.  No further updates are possible for the databases that use this logfile sequence.  Please correct the problem and restart or restore from backup.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="NTDS ISAM" />
    <EventID Qualifiers="0">492</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-07T08:09:42.000Z" />
    <EventRecordID>805</EventRecordID>
    <Channel>Directory Service</Channel>
    <Computer>IBMServer.CCHS.ORG</Computer>
    <Security />
  </System>
  <EventData>
    <Data>NTDS</Data>
    <Data>692</Data>
    <Data>NTDSA: </Data>
    <Data>C:\Windows\NTDS\</Data>
  </EventData>
</Event>
0
Comment
Question by:Nancy Villa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 24

Expert Comment

by:Awinish
ID: 36495560
The AD database is corrupted & surely mirror can't be the reason for generating such events.
Did you exclude scanning of AD database/Sysvol by antivirus, if not its a good option to configure it.

I would suggest demote the DC & promote it again. if running chkdsk /r reports an error, it is surely a disk error due to bad sector & you should replace it.
0
 

Author Comment

by:Nancy Villa
ID: 36495571
How do you know which one of the two?
0
 
LVL 14

Accepted Solution

by:
Vinchenzo-the-Second earned 500 total points
ID: 36495593
I would remove the disk so the mirror switches to other drive, then do ur chkdsk to make sure this drive is ok?  Run dcdiag /v to see if ur AD is corrupt on this drive, if so do a dcpromo.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 24

Expert Comment

by:Awinish
ID: 36495620
Well the amber light on the server should tell you for corruption or there is some tool supplied with setup disk for testing hardware/disks/ram etc for servers.

You can remove one disk, run chkdsk by hot swapping it & check it.
0
 
LVL 13

Expert Comment

by:5g6tdcv4
ID: 36496148
As a test I would move the AD database to another physical drive on the server.
http://technet.microsoft.com/en-us/library/cc816720%28WS.10%29.aspx
0
 

Author Closing Comment

by:Nancy Villa
ID: 37440897
sorry it took so long, it was the hard drive
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question