Solved

AD and DNS errors on 2003 Domain Controller.

Posted on 2014-02-03
11
621 Views
Last Modified: 2014-02-03
So I got into the office this morning and starting checking my servers. I logged into my FSMO role holder to view the event log and this is what I saw.

Event Type:      Warning
Event Source:      NTDS General
Event Category:      Global Catalog
Event ID:      1655
Date:            2/2/2014
Time:            4:21:19 PM
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      SERVER1
Description:
Active Directory attempted to communicate with the following global catalog and the attempts were unsuccessful.
 
Global catalog:
\\server1.intranet.domain.com
 
The operation in progress might be unable to continue. Active Directory will use the domain controller locator to try to find an available global catalog server.
 
Additional Data
Error value:
1722 The RPC server is unavailable.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:      Error
Event Source:      NTDS General
Event Category:      Global Catalog
Event ID:      1126
Date:            2/2/2014
Time:            4:21:20 PM
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      SERVER1
Description:
Active Directory was unable to establish a connection with the global catalog.
 
Additional Data
Error value:
8240 There is no such object on the server.
Internal ID:
3200ba0
 
User Action:
Make sure a global catalog is available in the forest, and is reachable from this domain controller.  You may use the nltest utility to diagnose this problem.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4015
Date:            2/2/2014
Time:            3:41:28 PM
User:            N/A
Computer:      SERVER1
Description:
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 51 00 00 00               Q...    


Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4000
Date:            2/2/2014
Time:            3:50:55 PM
User:            N/A
Computer:      SERVER1
Description:
The DNS server was unable to open Active Directory.  This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00               *#..    


I also noticed that in vCenter it was showing high CPU usage for this VM. It was also giving me a message inside the VM that it was increasing memory.

With the VM running HIGH CPU, could that of caused the issues? I think I need to add more RAM to this VM as I am only using 1 GB. I only have around 100 users. the CPU has returned to normal and no additional errors are being reported in the event viewer.
0
Comment
Question by:victordr
  • 5
  • 5
11 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 400 total points
ID: 39829593
First off run the below commands to check on the replicaiton and AD diagnostic tests...
- repadmin /replsum
- repadmin /showrepl
- dcdiag /v

Also can you open AD Sites and Services and under the Computer>NTDS Settings>Properties>General Tab change to see if your DC is actually a GC or if it has been changed.

Will.
0
 

Author Comment

by:victordr
ID: 39829605
i already ran these tests and everything looked good. I did verify the server is a GC. all of the other Domain Controllers showed no errors.
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39829611
Ok, check to ensure that all of the services on that box have been started correctly. Also run "netdom query fsmo" and ensure that your FSMO role holder is actually seen as this FSMO holder by the DC itself and also other DC's in your environment.

Will.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:victordr
ID: 39829616
ok. So do you think the hiccup may have been caused by the high cpu usage?
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39829637
Not sure i understand your last statment. Have you been able to try and rreboot that DC in question?

Will.
0
 

Author Comment

by:victordr
ID: 39829649
No i haven't rebooted it. I am asking that because the CPU was pegged on the VM, could this of caused the issues with AD on the server?
0
 
LVL 2

Assisted Solution

by:dalberson
dalberson earned 100 total points
ID: 39829731
Will gave some very good instructions, and I understand you have tried these and found no "smoking gun".

It IS theoretically possible that during a time of extremely high CPU usage, I suppose a "time out" could have been experienced, causing an "non-responsive" global catalog temporarily.

So the answer is "yes, in my opinion" - High CPU could have caused the error.

This is reinforced as "what happened" especially if you no longer are experiencing any problems...
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39829773
What specific services / processes chewing up the CPU on the server? If it is lsass.exe or some other AD process is could be the culprit.

Do you have an Anti-virus software installed on this server?

Will.
0
 

Author Comment

by:victordr
ID: 39829795
by the time I logged into the VM, the CPU was back to normal. Yes I have Symantec Endpoint 12.1
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39829830
Are you still encountering the issues of slow performance? If you are and the processes are good, also reference the event log as well to ensure that there are no issues related listed in there.

Will.
0
 

Author Comment

by:victordr
ID: 39829977
no everything is fine now. I just wanted to make sure there was no more additional issues.

I am going to bump up the RAM tonight in the VM.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question