[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


Big connectivity problems on a small network

Posted on 2014-08-31
Medium Priority
Last Modified: 2014-12-12
I was called to check on the issues on this small network, and why clients continuously loose their network mappings.
Turns out they have 3 servers and 15 Windows 7 Pro Clients.
Server1: Domain controller, AD, DNS, DHCP. Windows 2012 R2 to the latest updates. Static IP
Server2: It's only a file server, for shares. Hyper V. Turns out it still has some AD services installed (More on this later )Static IP
Server 3: Windows 2008R2 patched to the latest updates. File Server, Hyper V, and Miscrosoft Dynamics.

This place has been running without major glitches for 1 1/2 years. Two weeks ago, clients cant find the mappings to Server2.

Upon reading the event viewer, I find a bunch of errors strange errors (all in Server1):
Event 1206      ADWS   Active Directory Web Services was unable to determine if the computer is a global catalog server.

Event 1232      Active Directory_Domain Service  Active Directory Domain Services attempted to perform a remote procedure call (RPC) to the following server.  The call timed out and was cancelled.

Event 1188      Active Directory_Domain Service    A thread in Active Directory Domain Services is waiting for the completion of a RPC made to the following directory service.

Event 1059        DHCP
The DHCP service failed to see a directory server for authorization.

Event 1056        DHCP
The DHCP service has detected that it is running on a DC and has no credentials configured for use with Dynamic DNS registrations initiated by the DHCP service

Searching in the back-history turns out Server2 used to be a Full AD server (PDC) and the main authentication server. Then (a year ago) someone installed Server4 to become the main PDC, and demoted Server2. Then Server4 crashed, and that's when they brought in Server1 the one they have been using for more than 1 year.

And they haven't had these problems until two weeks ago.
Also around the time these problems started, someone installed HyperV in Server1 and also a software called Netwrix (for log management). I uninstalled both from Server1.

But the clients keep loosing the mapping to share drives in Server2. And the main solution is to run on the client workstattion IPCONFIG /RELEASE/RENEW and then /FLUSHDNS and then GPUPDATE /FORCE
Then most of the time works.

Another weird sympton is that when I ping Server2 from a workstation instead of getting i usually get which is a Multifunction printer with a static IP in our network.
Who can be giving my clients that IP address?

Also, upon rebooting the Server1, I get the failures to start DHCP. But when I go to services, and restart it manually, DHCP gives me a message that was able to start normally and service clients.

My intuition leans towards Server2 still being a DC, and Server1's DNS still refers to it as an alternate DC. I think it should be relegated to just a plain File server, since it is NOT supposed to have any roles.  Also, although AD shows as not being installed in the roles of the server, when I ran DCPromo it asks me if I want to remove AD from this server and have it join the domain, so that leads me to think I should.

QUESTION: Given the scenario, and taking into account that Server2 is not supposed to have any roles other than a file server, should I run a DCPromo and demote it?

When I check the DNS records in Server1 I see a reference to Server2 everywhere, and Server2 does not have DNS at all.

Any suggestions will be greatly appreciated.  Also any other line of thought or making me look at another type of issue would be welcome.
Question by:cgsolutions
LVL 16

Expert Comment

ID: 40295704
I would reboot all 3.

It seems like a unauthorized account may have been trying to log on. Not quite sure though.

Error 1206 points to permissions. http://technet.microsoft.com/en-us/library/cc773457%28v=ws.10%29.aspx
LVL 15

Accepted Solution

Perarduaadastra earned 1500 total points
ID: 40295830
I'd check for IP address conflicts, and for any other active DHCP and DNS servers on the network. With only fifteen clients a backup DC seems overkill, and it may be that for some reason it is trying to be the primary. Confirm that your DHCP scopes don't overlap any static IP addresses assigned to devices such as printers and routers.

Check the backup DC in particular, but also any routers and switches on the LAN that have DHCP and DNS server capability, and make sure that those services are provided exclusively by your 2012 server.

Author Closing Comment

ID: 40310095
After exhaustive research we found out that one of the two unmanaged switches was crashing.
Installed a temporary replacement and situation improved, although it is not totally solved.
More research to be done on this.

Expert Comment

by:Ralf Thiel
ID: 40497621
During some other research I stumbled upon this thread. To me it sounds like a messy AD setup. I would verify with dcdiag focusing on fsmo roles, DNS server settings on all servers, DNS options pointing to the AD DNS, etc.. Only once the file replication  and AD replication is confirmed (SYSVOL up)  this network has a chance to operate stable.  Having a second AD controller in place is not a bad idea, supposed the setup is correct at first and someone knows how to handover FSMO roles and howto clean the AD in case one of them crashes.

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As companies replace their old PBX phone systems with Unified IP Communications, many are finding out that legacy applications such as fax do not work well with VoIP. Fortunately, Cloud Faxing provides a cost-effective alternative that works over an…
In this article I will be showing you how to subnet the easiest way possible for IPv4 (Internet Protocol version 4). This article does not cover IPv6. Keep in mind that subnetting requires lots of practice and time.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question