Solved

One Client on Windows Domain Intermittently Drops Good IP and gets 169. IP

Posted on 2014-11-25
16
224 Views
Last Modified: 2014-12-02
Small Windows domain with one DC. DC is the only DHCP server on network. One client on the network is randomly dropping (multiple times throughout the day) its IP and then coming up with a 169. IP thereby dropping the network connection. ipconfig /renew just hangs. Disable/enable the network adapter comes up with a good IP again.

MODEM ---->  FIREWALL (10.0.0.1) -----> SERVER (10.0.0.2) -----> DHCP CLIENTS (.50-.99)

Background: Recent issues with server/network in last month. Blue screens and network dropouts. I think possible power outage related. Maybe a half-fried network port (on-board) on server (not yet replaced) and a half-fried switch (which we've since replaced). I was trying to plan for a possible replacement of the server with new hardware so I virtualized our existing server (bad idea). I think in the process I may have confused the hell out of our network (suddenly had 2 DHCP servers on the network). I fixed those issues but now have this one remaining problem client. Any help much appreciated.
0
Comment
Question by:jpfulton
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 6
  • 2
16 Comments
 
LVL 94

Accepted Solution

by:
John Hurst earned 500 total points
ID: 40464586
There are a number of underlying issues as you note.

For the one client machine, you might try TCP/IP Reset and Flush DNS.

Open cmd.exe with Run as Administrator
Then  netsh int ip reset c:\resetlog.txt
Also, ipconfig /flushdns followed by net stop dnscache followed by net start dnscache
Then restart the computer
0
 
LVL 12

Expert Comment

by:FarWest
ID: 40464587
did you try to uninstall/install the network card (using device manager)
do you have issues like two clients has the same IP?
0
 

Author Comment

by:jpfulton
ID: 40464613
I'd like to attach the client's system event log which I saved immediately after the most recent drop. Is that a security risk?
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 

Author Comment

by:jpfulton
ID: 40464614
Won't be able to troubleshoot more until a little later --- the computer is currently in use. I can say that I just today noticed in DHCP on the server that there was one entry just named "BAD_ADDRESS" and in the description it said that the IP was already in use (though it didn't tell me what the IP is or what the name is). I deleted it from DHCP and it has not reappeared.

I have not tried uninstalling and reinstalling the network card (assuming you meant on the client?) but as I mentioned, just disable/enable prompts a DHCP request that results in a good IP.

I'll try to run those couple commands on the client asap and see where that gets me.
0
 
LVL 12

Expert Comment

by:FarWest
ID: 40464718
I wish you quick good luck,
regarding system event log, there is no need for that at the moment,
0
 

Author Comment

by:jpfulton
ID: 40464738
Okay, re: event log. I'm finding the following leading up to the drop:

First this:
Event ID 7038 The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
Logon failure: the specified account password has expired.

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Open in new window


Then this:
Event ID 7000 The NVIDIA Update Service Daemon service failed to start due to the following error: 
The service did not start due to a logon failure.

Open in new window


Seems like that would be extremely relevant, right?

Not sure why it's saying the account password has expired... b/c it hasn't.
0
 
LVL 12

Expert Comment

by:FarWest
ID: 40464783
I think not, but maybe it is a surface of a bigger problem
make sure that the NVIDIA Update Service Daemon is running on local system account
if yes, then dis-join the computer from AD and re-join it again
0
 

Author Comment

by:jpfulton
ID: 40464811
It was stopped but set to use UpdateusUser. I changed it to Local system account, hit start and got a message that "some services won't start if not currently in use" or something. I'm thinking after a reboot this might solve THAT particular error appearance.
0
 

Author Comment

by:jpfulton
ID: 40466691
I have not gotten another user reported network drop since doing a TCP/IP reset, flushdns and tweaking the nvidia update service logon credentials. It's been about 20 hours though the majority of that time has been non-work hours.

In looking through the system event log I don't see any evidence of network drop with the exception of one particular event:

Event ID 1006, Error Code 49 -- The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

Open in new window


Under the EventData heading on the Details tab it says "ErrorDescription: Invalid Credentials".
0
 
LVL 12

Expert Comment

by:FarWest
ID: 40466831
I think It is better now to rejoin the client computer to the domain
0
 

Author Comment

by:jpfulton
ID: 40467164
i was afraid of that... will that mess up user profiles... outlook/desktop/documents folder etc or will it be pretty seamless?
0
 
LVL 12

Expert Comment

by:FarWest
ID: 40467197
it did not happened to me, but I'cant give guarantee (this is Microsoft :))
Ok, try to reset computer account
check this
http://redmondmag.com/articles/2014/04/21/domain-trust-issues.aspx
0
 

Author Comment

by:jpfulton
ID: 40467220
Anbody know exactly what the reset function does?
0
 
LVL 12

Expert Comment

by:FarWest
ID: 40467228
there is some explanation in the URL I've sent to you, reset the security key (password) of the computer that to communicate with AD
0
 

Author Closing Comment

by:jpfulton
ID: 40476799
It appears that John Hurst's suggestions were the fix (or one of them was). Can't completely verify which one or if either did the trick since I was simultaneously trying a number of things and since it has been an intermittent problem, but it has been a few days and the problem has not recurred. Thanks!
0
 
LVL 94

Expert Comment

by:John Hurst
ID: 40476945
@jpfulton - Thanks for the update and I was happy to help.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As dyndns has reduced the capabilities of the free service, I looked around for other free providers of Dynamic DNS service. After testing several I decided to move my DNS hosting to Hurricane Electric as then domains that require dynamic hostnam…
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question