Solved

Domain controller reboot needed

Posted on 2013-01-22
4
597 Views
Last Modified: 2013-01-23
Over the weekend few servers stopped authenticating properly to the domain.  I noticed some mapped drives not opening and Gpo policies not updating.  On some hosts I was able to fix with forcing gpupdate. But others didn't work and I need to reboot domain controllers one by one.
Why does it happen? What process stops working on domain controllers that requires a reboot?
0
Comment
Question by:Tiras25
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 10

Accepted Solution

by:
ddiazp earned 334 total points
ID: 38808388
have you added a new domain controller recently? A new site perhaps?

how many domain controllers do you have in place and how are they geographically placed?

Have you checked active directory sites and services to make sure the domain controllers are replicating and they have enough time to do so?

Anything on event viewer that might indicate there's a problem?

make sure your domain roles are still assigned accordingly if you've decomissioned domain controllers in the past
0
 
LVL 17

Author Comment

by:Tiras25
ID: 38808399
Nothing new. Just didn't reboot for a long time.  Still wondering why it happened.
0
 
LVL 10

Assisted Solution

by:ddiazp
ddiazp earned 334 total points
ID: 38808405
Windows updates installed lately perhaps?

server's don't act up because you don't restart them in a long time unless something changed.

Event viewer will most likely tell you what the problem(s) are, I urge you to take a look at them and see if there are any recent errors that weren't there a few days/weeks back.
0
 
LVL 31

Assisted Solution

by:Henrik Johansson
Henrik Johansson earned 166 total points
ID: 38810814
If the DCs suddenly neaded to be rebooted to work as expected, it sounds like issues with ntds or netlogon services (lsass.exe process) hung/crash.
The DC nead to listening on for example the ports 88(kerberos), 389(ldap), 3268(gc) for authenttication.
Any server listening on DNS service (port 53) and serving name resolution when issue happened?
GPO are loaded through file share neads port 139 (restart lanmanserver service due to page pool issues?).

Any errors in eventlog or dcdiag output?
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question