Solved

Server 2012 R2 Strange DC Behaviour

Posted on 2014-10-08
2
298 Views
Last Modified: 2014-10-08
We are getting some strange behavior on our primary server.

Server Background:
Server 2012 R2, DC, File Server, Hyper-V host
Hosts around 10tb of data which is DFSr'd to 2 oversea servers
Hosts an Exchange VM plus an assortment of application VMs

Issue:
Works fine after reboot for around 2 weeks, after this the first issue noticed is that we can't RDP to the box. Sits for ever on applying group policies. A reboot resolves the issue, however today out of luck, I was logged on when one of the other techs complained they could not get on.

All end user services seem unaffected, Everyone can access the shares, log on, all the VMs are still running.

The first thing I check is group policies: gpresult /h gp.html - This has now locked up (or taking a long time, has been an hour)
Event viewer is uninformative except for the <GPClient> is taking a long time for operation Logon.

Went to check the status of GPO sync. GPO Manager hangs.

I check GPO sync from our backup DC and everything is in sync. Ironically, when I forced the GPO Manager to user the main DC it still works fine from that box.

I open Hyper-V manager on an unrelated issue, and can not connect to Hyper-V server, yet VMs are running ok.

I attempt to use Hyper-V manager on the backup DC to open the main server, but it won;t connect to the main server. No error, just nothing.

I goto check on services, Get an hourglass for half a second, then nothing. Again no error, just nothing. - Update, in the time it took me to write this, the services window came up.

Task manager looks healthy enough, no run-away tasks that can be seen.

I'm after 1 of 2 options at this stage. Since I know a reboot solves it for a while, something somewhere has hung. If I can find that bit, maybe I can restart it without having to restart the entire server.

Or 2, actually fixing the issue.

Any idea guys on where to start?
0
Comment
Question by:Wargameskhaine
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 40369820
This is very common when ADDS and Hyper-V are installed on the same OS. Simple resource contention and eventually it just falls over.

Hyoer-V should *always* (without exception!) be isolated if you are going to run it. All other roles should be in VMs or on other servers.
0
 

Author Closing Comment

by:Wargameskhaine
ID: 40369823
Thanks Cliff,

I've done some research and it appears you are spot on! In addition to other security matters. Since we have other DC's at this site I believe that I'll have to reboot to return to a normal state, then DC Promo the Hpyer-V box out of the domain, which will likely solve the problem moving forward.

A link for future readers:
http://www.altaro.com/hyper-v/reasons-not-to-make-hyper-v-a-domain-controller/

Regards,

Allan
0

Featured Post

SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question