Server 2012 R2 Strange DC Behaviour
We are getting some strange behavior on our primary server.
Server Background:
Server 2012 R2, DC, File Server, Hyper-V host
Hosts around 10tb of data which is DFSr'd to 2 oversea servers
Hosts an Exchange VM plus an assortment of application VMs
Issue:
Works fine after reboot for around 2 weeks, after this the first issue noticed is that we can't RDP to the box. Sits for ever on applying group policies. A reboot resolves the issue, however today out of luck, I was logged on when one of the other techs complained they could not get on.
All end user services seem unaffected, Everyone can access the shares, log on, all the VMs are still running.
The first thing I check is group policies: gpresult /h gp.html - This has now locked up (or taking a long time, has been an hour)
Event viewer is uninformative except for the <GPClient> is taking a long time for operation Logon.
Went to check the status of GPO sync. GPO Manager hangs.
I check GPO sync from our backup DC and everything is in sync. Ironically, when I forced the GPO Manager to user the main DC it still works fine from that box.
I open Hyper-V manager on an unrelated issue, and can not connect to Hyper-V server, yet VMs are running ok.
I attempt to use Hyper-V manager on the backup DC to open the main server, but it won;t connect to the main server. No error, just nothing.
I goto check on services, Get an hourglass for half a second, then nothing. Again no error, just nothing. - Update, in the time it took me to write this, the services window came up.
Task manager looks healthy enough, no run-away tasks that can be seen.
I'm after 1 of 2 options at this stage. Since I know a reboot solves it for a while, something somewhere has hung. If I can find that bit, maybe I can restart it without having to restart the entire server.
Or 2, actually fixing the issue.
Any idea guys on where to start?
Server Background:
Server 2012 R2, DC, File Server, Hyper-V host
Hosts around 10tb of data which is DFSr'd to 2 oversea servers
Hosts an Exchange VM plus an assortment of application VMs
Issue:
Works fine after reboot for around 2 weeks, after this the first issue noticed is that we can't RDP to the box. Sits for ever on applying group policies. A reboot resolves the issue, however today out of luck, I was logged on when one of the other techs complained they could not get on.
All end user services seem unaffected, Everyone can access the shares, log on, all the VMs are still running.
The first thing I check is group policies: gpresult /h gp.html - This has now locked up (or taking a long time, has been an hour)
Event viewer is uninformative except for the <GPClient> is taking a long time for operation Logon.
Went to check the status of GPO sync. GPO Manager hangs.
I check GPO sync from our backup DC and everything is in sync. Ironically, when I forced the GPO Manager to user the main DC it still works fine from that box.
I open Hyper-V manager on an unrelated issue, and can not connect to Hyper-V server, yet VMs are running ok.
I attempt to use Hyper-V manager on the backup DC to open the main server, but it won;t connect to the main server. No error, just nothing.
I goto check on services, Get an hourglass for half a second, then nothing. Again no error, just nothing. - Update, in the time it took me to write this, the services window came up.
Task manager looks healthy enough, no run-away tasks that can be seen.
I'm after 1 of 2 options at this stage. Since I know a reboot solves it for a while, something somewhere has hung. If I can find that bit, maybe I can restart it without having to restart the entire server.
Or 2, actually fixing the issue.
Any idea guys on where to start?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've done some research and it appears you are spot on! In addition to other security matters. Since we have other DC's at this site I believe that I'll have to reboot to return to a normal state, then DC Promo the Hpyer-V box out of the domain, which will likely solve the problem moving forward.
A link for future readers:
http://www.altaro.com/hyper-v/reasons-not-to-make-hyper-v-a-domain-controller/
Regards,
Allan