• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 636
  • Last Modified:

AD and DNS errors on 2003 Domain Controller.

So I got into the office this morning and starting checking my servers. I logged into my FSMO role holder to view the event log and this is what I saw.

Event Type:      Warning
Event Source:      NTDS General
Event Category:      Global Catalog
Event ID:      1655
Date:            2/2/2014
Time:            4:21:19 PM
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      SERVER1
Description:
Active Directory attempted to communicate with the following global catalog and the attempts were unsuccessful.
 
Global catalog:
\\server1.intranet.domain.com
 
The operation in progress might be unable to continue. Active Directory will use the domain controller locator to try to find an available global catalog server.
 
Additional Data
Error value:
1722 The RPC server is unavailable.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:      Error
Event Source:      NTDS General
Event Category:      Global Catalog
Event ID:      1126
Date:            2/2/2014
Time:            4:21:20 PM
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      SERVER1
Description:
Active Directory was unable to establish a connection with the global catalog.
 
Additional Data
Error value:
8240 There is no such object on the server.
Internal ID:
3200ba0
 
User Action:
Make sure a global catalog is available in the forest, and is reachable from this domain controller.  You may use the nltest utility to diagnose this problem.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4015
Date:            2/2/2014
Time:            3:41:28 PM
User:            N/A
Computer:      SERVER1
Description:
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 51 00 00 00               Q...    


Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4000
Date:            2/2/2014
Time:            3:50:55 PM
User:            N/A
Computer:      SERVER1
Description:
The DNS server was unable to open Active Directory.  This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00               *#..    


I also noticed that in vCenter it was showing high CPU usage for this VM. It was also giving me a message inside the VM that it was increasing memory.

With the VM running HIGH CPU, could that of caused the issues? I think I need to add more RAM to this VM as I am only using 1 GB. I only have around 100 users. the CPU has returned to normal and no additional errors are being reported in the event viewer.
0
victordr
Asked:
victordr
  • 5
  • 5
2 Solutions
 
Will SzymkowskiSenior Solution ArchitectCommented:
First off run the below commands to check on the replicaiton and AD diagnostic tests...
- repadmin /replsum
- repadmin /showrepl
- dcdiag /v

Also can you open AD Sites and Services and under the Computer>NTDS Settings>Properties>General Tab change to see if your DC is actually a GC or if it has been changed.

Will.
0
 
victordrAuthor Commented:
i already ran these tests and everything looked good. I did verify the server is a GC. all of the other Domain Controllers showed no errors.
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
Ok, check to ensure that all of the services on that box have been started correctly. Also run "netdom query fsmo" and ensure that your FSMO role holder is actually seen as this FSMO holder by the DC itself and also other DC's in your environment.

Will.
0
Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

 
victordrAuthor Commented:
ok. So do you think the hiccup may have been caused by the high cpu usage?
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
Not sure i understand your last statment. Have you been able to try and rreboot that DC in question?

Will.
0
 
victordrAuthor Commented:
No i haven't rebooted it. I am asking that because the CPU was pegged on the VM, could this of caused the issues with AD on the server?
0
 
dalbersonCommented:
Will gave some very good instructions, and I understand you have tried these and found no "smoking gun".

It IS theoretically possible that during a time of extremely high CPU usage, I suppose a "time out" could have been experienced, causing an "non-responsive" global catalog temporarily.

So the answer is "yes, in my opinion" - High CPU could have caused the error.

This is reinforced as "what happened" especially if you no longer are experiencing any problems...
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
What specific services / processes chewing up the CPU on the server? If it is lsass.exe or some other AD process is could be the culprit.

Do you have an Anti-virus software installed on this server?

Will.
0
 
victordrAuthor Commented:
by the time I logged into the VM, the CPU was back to normal. Yes I have Symantec Endpoint 12.1
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
Are you still encountering the issues of slow performance? If you are and the processes are good, also reference the event log as well to ensure that there are no issues related listed in there.

Will.
0
 
victordrAuthor Commented:
no everything is fine now. I just wanted to make sure there was no more additional issues.

I am going to bump up the RAM tonight in the VM.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now