[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

AD and DNS errors on 2003 Domain Controller.

Posted on 2014-02-03
11
Medium Priority
?
633 Views
Last Modified: 2014-02-03
So I got into the office this morning and starting checking my servers. I logged into my FSMO role holder to view the event log and this is what I saw.

Event Type:      Warning
Event Source:      NTDS General
Event Category:      Global Catalog
Event ID:      1655
Date:            2/2/2014
Time:            4:21:19 PM
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      SERVER1
Description:
Active Directory attempted to communicate with the following global catalog and the attempts were unsuccessful.
 
Global catalog:
\\server1.intranet.domain.com
 
The operation in progress might be unable to continue. Active Directory will use the domain controller locator to try to find an available global catalog server.
 
Additional Data
Error value:
1722 The RPC server is unavailable.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:      Error
Event Source:      NTDS General
Event Category:      Global Catalog
Event ID:      1126
Date:            2/2/2014
Time:            4:21:20 PM
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      SERVER1
Description:
Active Directory was unable to establish a connection with the global catalog.
 
Additional Data
Error value:
8240 There is no such object on the server.
Internal ID:
3200ba0
 
User Action:
Make sure a global catalog is available in the forest, and is reachable from this domain controller.  You may use the nltest utility to diagnose this problem.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4015
Date:            2/2/2014
Time:            3:41:28 PM
User:            N/A
Computer:      SERVER1
Description:
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 51 00 00 00               Q...    


Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4000
Date:            2/2/2014
Time:            3:50:55 PM
User:            N/A
Computer:      SERVER1
Description:
The DNS server was unable to open Active Directory.  This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00               *#..    


I also noticed that in vCenter it was showing high CPU usage for this VM. It was also giving me a message inside the VM that it was increasing memory.

With the VM running HIGH CPU, could that of caused the issues? I think I need to add more RAM to this VM as I am only using 1 GB. I only have around 100 users. the CPU has returned to normal and no additional errors are being reported in the event viewer.
0
Comment
Question by:victordr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 1600 total points
ID: 39829593
First off run the below commands to check on the replicaiton and AD diagnostic tests...
- repadmin /replsum
- repadmin /showrepl
- dcdiag /v

Also can you open AD Sites and Services and under the Computer>NTDS Settings>Properties>General Tab change to see if your DC is actually a GC or if it has been changed.

Will.
0
 

Author Comment

by:victordr
ID: 39829605
i already ran these tests and everything looked good. I did verify the server is a GC. all of the other Domain Controllers showed no errors.
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39829611
Ok, check to ensure that all of the services on that box have been started correctly. Also run "netdom query fsmo" and ensure that your FSMO role holder is actually seen as this FSMO holder by the DC itself and also other DC's in your environment.

Will.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:victordr
ID: 39829616
ok. So do you think the hiccup may have been caused by the high cpu usage?
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39829637
Not sure i understand your last statment. Have you been able to try and rreboot that DC in question?

Will.
0
 

Author Comment

by:victordr
ID: 39829649
No i haven't rebooted it. I am asking that because the CPU was pegged on the VM, could this of caused the issues with AD on the server?
0
 
LVL 2

Assisted Solution

by:dalberson
dalberson earned 400 total points
ID: 39829731
Will gave some very good instructions, and I understand you have tried these and found no "smoking gun".

It IS theoretically possible that during a time of extremely high CPU usage, I suppose a "time out" could have been experienced, causing an "non-responsive" global catalog temporarily.

So the answer is "yes, in my opinion" - High CPU could have caused the error.

This is reinforced as "what happened" especially if you no longer are experiencing any problems...
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39829773
What specific services / processes chewing up the CPU on the server? If it is lsass.exe or some other AD process is could be the culprit.

Do you have an Anti-virus software installed on this server?

Will.
0
 

Author Comment

by:victordr
ID: 39829795
by the time I logged into the VM, the CPU was back to normal. Yes I have Symantec Endpoint 12.1
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39829830
Are you still encountering the issues of slow performance? If you are and the processes are good, also reference the event log as well to ensure that there are no issues related listed in there.

Will.
0
 

Author Comment

by:victordr
ID: 39829977
no everything is fine now. I just wanted to make sure there was no more additional issues.

I am going to bump up the RAM tonight in the VM.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question