Computers on a Domain Locking Up

ctagle
ctagle used Ask the Experts™
on
We recently joined a company to a domain, at first everything was smooth, but a few days later people started experiencing random lock ups.  So far three are having the issue locally, and at least one is having the issue remotely when they log into the terminal server.  There seems to be no correlation between the lock ups, and no commonality, it just occurs at random, there's no event log entry either, other than an entry stating that the computer shut down unexpectedly.

All the Client machines are running either Windows 7 pro or Windows Vista Business, except one or two older machines running XP Pro (which aren't locking up).  There is also one Windows Vista Home, but that one shouldn't affect anything since its obviously not joined to the domain.

The server is running Small Business Server 2011 and is acting currently as a Domain Controller, File server, Exchange Server,  Quickbooks Server, and soon a terminal server once we get it upgraded with a bit more ram.

At first I thought it might be the fact that their Quickbooks file is far beyond recommended size, over 30 gigs, but people's computers are locking up even when they aren't in Quickbooks so it rules that out.

One more thing that may be noteworthy is the fact the server, at the moment, is operating at nearly full capacity as far as the RAM goes, currently it has only 8 gigs and its using about 95 percent of it, hopefully by the end of the week we'll have it up to 48 or 64 gigs.  

Thanks in advance for your help.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
WORKS2011Managed IT Services, Cyber Security, Backup

Commented:
8G you could use more but shouldn't cause the problems you're experiencing, in my opinion.

Try a central point of failure which would be reset your switch, if it's managed check the logs.

How is DNS and DHCP setup, does pinging the server give any lag, have you checked nslookup for DNS resolution.
WORKS2011Managed IT Services, Cyber Security, Backup

Commented:
you're using DHCP from the server correct? Not from a router or other device on the network.

Author

Commented:
The switch isn't managed,  I haven't reset it but I can ping continuously with no drops, the highest response time out of 100 pings was 15 ms.  DNS is setup with the server as the DNS server, and it forwards web requests to our ISP's DNS servers.  nslookup occurs almost instantly and resolves client names properly.  

DHCP is being handled by the server, I think I forgot to put that in the initial question.

One thing I also forgot to mention is that all of the user's files are currently redirected to the server, my documents, downloads, desktop, favorites, etc...  Not sure if that would cause an issue, but I've never had a problem with it before, both in a server 2011 and server 2008 environment.
How to Generate Services Revenue the Easiest Way

This Tuesday! Learn key insights about modern cyber protection services & gain practical strategies to skyrocket business:

- What it takes to build a cloud service portfolio
- How to determine which services will help your unique business grow
- Various use-cases and examples

Top Expert 2013

Commented:
Not that it is your problem but you mentioned; "Quickbooks Server, and soon a terminal server once we get it upgraded with a bit more ram."
SBS cannot run terminal services.  It will allow two RDP logons for management, not for running applications.  The QuickBooks data component can be installed on the server but you should not be running the app as the server is not optimized for that and user permissi0ns are different.

Also, in case you are thinking of it with your extra RAM, you cannot run Hyper-V on SBS.  You can run SBS as a VM on hyper-v, which would be ideal with 32+GB of RAM, you could then add a TS/RDP as a VM.

Also I would recommend 12-14GB of RAM with SBS even in a small office.

The 15ms delay in ping times is concerning as well. Within the office it should be <3 consistently, unless the 15 was just a hiccup.
-The number 1 source of network delays and lockups is bad patch cables.  A connection does not mean the cable is not experiencing cross-talk and performance issues.
-Do not set speed or duplex to a fixed option, they must match the switch, and with a non-managed switch, the only option is auto-negotiate.
-Do not disable IPv6 on the server.
-Broadcom NIC’s are known to have some lockup issues from time to time.
-There are some known issues with newer advanced NIC properties such as "Task Offloading", and “Receive-Side Scaling” which drastically affect performance and stability of file share access if enabled and especially if you are running older drivers. The first step is to make sure you have the latest drivers from the manufacturer of the NIC, not Windows.
The following outline  changing for the command line but I have found in some cases you have to do so within the advanced NIC properties for them to take effect. Any of these changes require a reboot to take effect.

To disable Receive-Side Scaling, at a command prompt, with elevated privileges, run the following command:
netsh int tcp set global rss=disabled

To disable Task Offload, at a command prompt, with elevated privileges, run the following command:
netsh int ip set global taskoffload=disabled

To disable Add-On Congestion Control Provider, at a command prompt, with elevated privileges, run the the following command:
netsh int tcp set global congestion=none

For more information Information about the TCP Chimney Offload, Receive Side Scaling, and Network Direct Memory Access features in Windows Server 2008
http://go.microsoft.com/fwlink/?LinkId=189029

Related blog articles:
http://blogs.technet.com/b/networking/archive/2008/11/14/the-effect-of-tcp-chimney-offload-on-viewing-network-traffic.aspx
http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2008/05/15/backward-compatible-networking-with-server-core.aspx
http://support.microsoft.com/kb/951037
http://msmvps.com/blogs/thenakedmvp/archive/2010/02/23/rss-tcp-offloading-strikes-again-microsoft-should-kill-this-feature-for-the-masses.aspx
http://www.petestilgoe.com/2008/01/sbs-2003-sp2-broadcom-nics-slow-network/

Author

Commented:
What about the remote desktop server role?  I know terminal services is the wrong term nowadays but I thought SBS could do that.  As far as terminal services there would be 20 or so users connecting to the server remotely,  SBS doesn't support this?

The 15 ms was just a hiccup, the final results of the ping were 2 or 3 15 ms responses out of 383 pings.  Average response time was 0 ms with no dropped packets.  I don't think the patch cables are the problem in this instance since it only started happening after we moved them over to a domain.  Speed and duplex are both set to auto negotiate, IPv6 is enabled on the server.  some of them may have Broadcom nic's but again, this started happening only after we joined them to a domain, before that there were no lock up issues.  However I haven't tried disabling those advanced features, and all machine's NICs are now operating under a heavier load due to the nature of the setup so i will give that a try and let ya'll know how it turns out, thanks.
Top Expert 2013

Commented:
Now called remote deskop services.  No it will not install on SBS, it never has from SBS 2003 on.  Some things with SBS are not recommended, others are licensing violations, but TS/RDS although it is both, just will not install at all.  Ther service is enabled for remote admin by default.

Though the perfomance features can be a cause of problems, especially now that you have a "heavier load".  It does sound more like a DNS issue as WORKS2011 was suggesting.
I would only worry about a Broadcom on the serve itself.

Can you post the results of IPconfig from the SBS and also from a problematic workstation.

Author

Commented:
ipconfig /all from the server:



Windows IP Configuration

   Host Name . . . . . . . . . . . . : CB-MS1
   Primary Dns Suffix  . . . . . . . : corralboots.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : corralboots.local

Ethernet adapter Local Area Connection 4:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5716C NetXtreme II GigE (NDIS VBD Client) #37
   Physical Address. . . . . . . . . : D4-AE-52-88-CE-3E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5716C NetXtreme II GigE (NDIS VBD Client) #28
   Physical Address. . . . . . . . . : D4-AE-52-88-CE-3F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 PT Server Adapter
   Physical Address. . . . . . . . . : 68-05-CA-02-95-E8
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4542:8166:45b0:fb98%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.245(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 241698250
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-22-11-9B-68-05-CA-02-95-E8
   DNS Servers . . . . . . . . . . . : ::1
                                       127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{6B621F01-FB42-4658-B5C4-9EB034D1F188}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{789AF68C-B6A2-4E77-B293-B640054A962D}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{54A80A8E-84E2-4601-991B-8E9066334D5A}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes




__________________________________________





ipconfig /all from problem workstation


Windows IP Configuration

   Host Name . . . . . . . . . . . . : Alicia-HP
   Primary Dns Suffix  . . . . . . . : corralboots.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : corralboots.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : corralboots.local
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : E8-39-35-39-2A-F3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::7cad:ce28:aa67:1b19%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.65(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, May 23, 2012 7:59:06 AM
   Lease Expires . . . . . . . . . . : Thursday, May 31, 2012 7:59:05 AM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.245
   DHCPv6 IAID . . . . . . . . . . . : 283654453
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-E9-E7-0D-E8-39-35-39-2A-F3
   DNS Servers . . . . . . . . . . . : 192.168.1.245
   Primary WINS Server . . . . . . . : 192.168.1.245
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.corralboots.local:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : corralboots.local
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Top Expert 2013
Commented:
The main issue I see is the server has multiple NIC's enabled. They must be disabled, not just disconnected.  I would then run the "Fix My Network" wizard followed by open the DNS management console, right click on the server name, chose interface tab and make sure only 192.168.1.245 and 2 IPv6 addresses are selected.

In addition the PC's have WINS IP enabled.  Is the SBS WINS service enabled?  It is not by default. If not I would remove that (from DHCP scope options) to avoid the PC's trying to use WINS/NetBIOS.

These issues may explain DNS problems.

Author

Commented:
Ok thanks, I've changed the settings and i'll try it out and see what happens

Author

Commented:
That did the trick, also took out the ::1 address as a DNS server, haven't seen any lockups since.  Thanks!
Top Expert 2013

Commented:
Good to hear.
Thanks ctagle.
Cheers!
--Rob

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial