Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Domain controller reboot needed

Posted on 2013-01-22
4
Medium Priority
?
600 Views
Last Modified: 2013-01-23
Over the weekend few servers stopped authenticating properly to the domain.  I noticed some mapped drives not opening and Gpo policies not updating.  On some hosts I was able to fix with forcing gpupdate. But others didn't work and I need to reboot domain controllers one by one.
Why does it happen? What process stops working on domain controllers that requires a reboot?
0
Comment
Question by:Tiras25
  • 2
4 Comments
 
LVL 10

Accepted Solution

by:
ddiazp earned 1336 total points
ID: 38808388
have you added a new domain controller recently? A new site perhaps?

how many domain controllers do you have in place and how are they geographically placed?

Have you checked active directory sites and services to make sure the domain controllers are replicating and they have enough time to do so?

Anything on event viewer that might indicate there's a problem?

make sure your domain roles are still assigned accordingly if you've decomissioned domain controllers in the past
0
 
LVL 17

Author Comment

by:Tiras25
ID: 38808399
Nothing new. Just didn't reboot for a long time.  Still wondering why it happened.
0
 
LVL 10

Assisted Solution

by:ddiazp
ddiazp earned 1336 total points
ID: 38808405
Windows updates installed lately perhaps?

server's don't act up because you don't restart them in a long time unless something changed.

Event viewer will most likely tell you what the problem(s) are, I urge you to take a look at them and see if there are any recent errors that weren't there a few days/weeks back.
0
 
LVL 31

Assisted Solution

by:Henrik Johansson
Henrik Johansson earned 664 total points
ID: 38810814
If the DCs suddenly neaded to be rebooted to work as expected, it sounds like issues with ntds or netlogon services (lsass.exe process) hung/crash.
The DC nead to listening on for example the ports 88(kerberos), 389(ldap), 3268(gc) for authenttication.
Any server listening on DNS service (port 53) and serving name resolution when issue happened?
GPO are loaded through file share neads port 139 (restart lanmanserver service due to page pool issues?).

Any errors in eventlog or dcdiag output?
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question