We have probably the strangest issue with a client that is running 2 basically identical sites with files randomly missing from their main network application. I am reaching out to all experts for any suggestions. We have been dealing with this for 3 weeks
Here is an overview of the basics of the sites...then the issue at hand to follow.
SITE A: WORKGROUP - 2 x 2008 R2 servers No domain controllers - WORKGROUP
SUBNET: 192.168.0.x approx 40 pcs on the LAN
SITE B: WORKGROUP - 2 x 2008 R2 servers No domain controllers - WORKGROUP
SUBNET: 192.168.1.x approx 38 pcs on the LAN
Sites both have SONICWALL tz210s with a VPN gateway to gateway VPN established. The VPN is used only for mail traffic - Exchange server residing at SITE A
The customers main application resides on SERVER 1 at each location. The type of application they run resides server side - the client runs an executable \\server\program\application.exe MU 192.168.0.2
My understanding is it runs in memory as there is no actual installer on the workstation, no registry entries locally on any pc.
Some of the file in the directory \\server\program\*.* go missing !!! 28 FILES approx of 1422
*What we have setup as a bandaid fix in the meantime is a batch file that will quickly sync a backup for the program and the damaged directory*
STATS on the SYNC JOB:
SOURCE = 1422 FILES 78 FOLDERS TARGET = 1394 FILES 78 FOLDERS
28 FILES are missing from the server before restoration??
Once we restore the files they are able to go back in and work no problem. The actual database I need to mention is on D drive in a master share - these are never touched! Its only ever the program files themselves that go missing.
IT is totally random. It can be anytime of day / week. Sometimes they will go 5 6 days with no problem. Other times it will happen 3 times in one day!
Sometimes it happens in the morning ..sometimes at night.
NOW - the other side SITE B has reported the same issue!! SITE A occurs far more often 95% SITEB only a few times.
We have ESET av on both sides scanning no obvious trojans.
AUDIT: we setup auditing on the SITE A server and have successfully flagged a few different pcs sending the request for deletion!!!!
We are at a total loss - the customer has been reasonable - however I desperately need to get a solution. They can be running to the server to sync the files back in all the time