asked on Server (Domain Controller) Unresponsive - Have to HARD REBOOT Server to Fix Lockups
Problem: COMPLETE NETWORK LOCKUP:
All workstations freeze;
Cannot authenticate into any network device until reset;
Server (DC) has to be hard powered down to restart.
Hard reset on server fixes problem
Notes:
1. Domain Controller is 2003 R2 X64 SP2 with all critical and security patches applied
2. No events are written to log files when lockups occur
3. Server IP (and other devices) can be pinged during lockup
4. Login screen can be accessed on all other servers but if user name and password is entered, the system "locks" up. (authentication failing)
5. Disk arrays are healthy
6. Network traffic normal during lockup
HELP!
All workstations freeze;
Cannot authenticate into any network device until reset;
Server (DC) has to be hard powered down to restart.
Hard reset on server fixes problem
Notes:
1. Domain Controller is 2003 R2 X64 SP2 with all critical and security patches applied
2. No events are written to log files when lockups occur
3. Server IP (and other devices) can be pinged during lockup
4. Login screen can be accessed on all other servers but if user name and password is entered, the system "locks" up. (authentication failing)
5. Disk arrays are healthy
6. Network traffic normal during lockup
HELP!
Windows Server 2003Active Directory
Last Comment
sfjcpu
ASKER
No. There are 2 others.
Odd, do the clients have the IP of the other DCs in their DNS. Does this box that freezes hold all the FSMO roles.
Are the other DCs also global catalog servers?
Are the other DCs also global catalog servers?
ASKER
Yes the clients use one of the other DCs as their secondary DNS. The server holds all FSMO roles except for infrastructure. The server that holds the infrastructure roll is not a global catalog server.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
I disagres that "nothing written to the windows logs [generally] equals hardware issue". This is regularly that it's so busy doing something that requilres no logging that nothing gets written. It's rare with a hang that anything gets logged as all it's actually doing is waiting for something. It is entirely possible that this is an intermittent issue with the disk though, where networking is sitll working fine but the disk can't be accessed to write event logs or read to authenticate users.
The other systems don't authenticate users because the primary is still responding on the network, so things are working for this system.
To check the disk, try setting up ftp on the system disk and see if you can access data that way. rpcinfo -a should also give you further information as regards what services this system is seeing as available behind the networking (not exhaustive, but proves that the OS itself is answering basic commands).
The other systems don't authenticate users because the primary is still responding on the network, so things are working for this system.
To check the disk, try setting up ftp on the system disk and see if you can access data that way. rpcinfo -a should also give you further information as regards what services this system is seeing as available behind the networking (not exhaustive, but proves that the OS itself is answering basic commands).
ASKER
DC's are healthy. There is only one DNS entry on workstations. We will add another DNS entry. Of course that will not fix the problem but it needs to be done. Thanks for that advice. I downloaded Sysinternals (nice set of tools). Process monitor and process explorer are running on the DC this morning. I'm logged on server and am keeping the logon open so I can see screen. Client will contact immediately if the DC becomes unresponsive. I'll post the results.
ASKER
Still having lockups. We suspect a profile issue coming from a Windows2000 Terminal Server login. The DC usually hangs about the same time some users are logging into the old TermServer. The log files grow too quickly and too large to be practical in this diagnostic. Any ideas on whether or not a profile could hang up the DC?
If Process Monitor logging is too large to be usable and you notice this issue as soon as it occurs, set up a scheduled job to stop and start process monitor and "interact with desktop" on an hourly basis. When it hangs, get to the DC, wait until it's responsive again, stop the capture, save the log (pml format) and stop the scheduled job. Then go back through the log to a point during which the system was unresponsive and try to figure out what led up to that hang.
ASKER
Stu, Thanks for the post. The hangups are so random, days in between, it would be difficult to do that. When it hangs, my client restarts the server right away since they have all their profiles and shares set up on this server.
If I could write a script to save the log files for 10 minutes, then stop ProcMon, save the log file to another file name, then start it again. Maybe keep 10 of these files and have the script cycle through the names, such as ProcMonLog1, ProcMonLog2, ProcMonLog3...ProcMonLog10
Would this work, and if so, do I need to post a separate question on how to write the script?
Thanks!
If I could write a script to save the log files for 10 minutes, then stop ProcMon, save the log file to another file name, then start it again. Maybe keep 10 of these files and have the script cycle through the names, such as ProcMonLog1, ProcMonLog2, ProcMonLog3...ProcMonLog10
Would this work, and if so, do I need to post a separate question on how to write the script?
Thanks!
Thanks
Mike