One Client on Windows Domain Intermittently Drops Good IP and gets 169. IP

Small Windows domain with one DC. DC is the only DHCP server on network. One client on the network is randomly dropping (multiple times throughout the day) its IP and then coming up with a 169. IP thereby dropping the network connection. ipconfig /renew just hangs. Disable/enable the network adapter comes up with a good IP again.

MODEM ---->  FIREWALL (10.0.0.1) -----> SERVER (10.0.0.2) -----> DHCP CLIENTS (.50-.99)

Background: Recent issues with server/network in last month. Blue screens and network dropouts. I think possible power outage related. Maybe a half-fried network port (on-board) on server (not yet replaced) and a half-fried switch (which we've since replaced). I was trying to plan for a possible replacement of the server with new hardware so I virtualized our existing server (bad idea). I think in the process I may have confused the hell out of our network (suddenly had 2 DHCP servers on the network). I fixed those issues but now have this one remaining problem client. Any help much appreciated.
jpfultonAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
There are a number of underlying issues as you note.

For the one client machine, you might try TCP/IP Reset and Flush DNS.

Open cmd.exe with Run as Administrator
Then  netsh int ip reset c:\resetlog.txt
Also, ipconfig /flushdns followed by net stop dnscache followed by net start dnscache
Then restart the computer

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
FarWestCommented:
did you try to uninstall/install the network card (using device manager)
do you have issues like two clients has the same IP?
jpfultonAuthor Commented:
I'd like to attach the client's system event log which I saved immediately after the most recent drop. Is that a security risk?
Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

jpfultonAuthor Commented:
Won't be able to troubleshoot more until a little later --- the computer is currently in use. I can say that I just today noticed in DHCP on the server that there was one entry just named "BAD_ADDRESS" and in the description it said that the IP was already in use (though it didn't tell me what the IP is or what the name is). I deleted it from DHCP and it has not reappeared.

I have not tried uninstalling and reinstalling the network card (assuming you meant on the client?) but as I mentioned, just disable/enable prompts a DHCP request that results in a good IP.

I'll try to run those couple commands on the client asap and see where that gets me.
FarWestCommented:
I wish you quick good luck,
regarding system event log, there is no need for that at the moment,
jpfultonAuthor Commented:
Okay, re: event log. I'm finding the following leading up to the drop:

First this:
Event ID 7038 The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
Logon failure: the specified account password has expired.

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Open in new window


Then this:
Event ID 7000 The NVIDIA Update Service Daemon service failed to start due to the following error: 
The service did not start due to a logon failure.

Open in new window


Seems like that would be extremely relevant, right?

Not sure why it's saying the account password has expired... b/c it hasn't.
FarWestCommented:
I think not, but maybe it is a surface of a bigger problem
make sure that the NVIDIA Update Service Daemon is running on local system account
if yes, then dis-join the computer from AD and re-join it again
jpfultonAuthor Commented:
It was stopped but set to use UpdateusUser. I changed it to Local system account, hit start and got a message that "some services won't start if not currently in use" or something. I'm thinking after a reboot this might solve THAT particular error appearance.
jpfultonAuthor Commented:
I have not gotten another user reported network drop since doing a TCP/IP reset, flushdns and tweaking the nvidia update service logon credentials. It's been about 20 hours though the majority of that time has been non-work hours.

In looking through the system event log I don't see any evidence of network drop with the exception of one particular event:

Event ID 1006, Error Code 49 -- The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

Open in new window


Under the EventData heading on the Details tab it says "ErrorDescription: Invalid Credentials".
FarWestCommented:
I think It is better now to rejoin the client computer to the domain
jpfultonAuthor Commented:
i was afraid of that... will that mess up user profiles... outlook/desktop/documents folder etc or will it be pretty seamless?
FarWestCommented:
it did not happened to me, but I'cant give guarantee (this is Microsoft :))
Ok, try to reset computer account
check this
http://redmondmag.com/articles/2014/04/21/domain-trust-issues.aspx
jpfultonAuthor Commented:
Anbody know exactly what the reset function does?
FarWestCommented:
there is some explanation in the URL I've sent to you, reset the security key (password) of the computer that to communicate with AD
jpfultonAuthor Commented:
It appears that John Hurst's suggestions were the fix (or one of them was). Can't completely verify which one or if either did the trick since I was simultaneously trying a number of things and since it has been an intermittent problem, but it has been a few days and the problem has not recurred. Thanks!
JohnBusiness Consultant (Owner)Commented:
@jpfulton - Thanks for the update and I was happy to help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.