Link to home
Start Free TrialLog in
Avatar of jpfulton
jpfulton

asked on

One Client on Windows Domain Intermittently Drops Good IP and gets 169. IP

Small Windows domain with one DC. DC is the only DHCP server on network. One client on the network is randomly dropping (multiple times throughout the day) its IP and then coming up with a 169. IP thereby dropping the network connection. ipconfig /renew just hangs. Disable/enable the network adapter comes up with a good IP again.

MODEM ---->  FIREWALL (10.0.0.1) -----> SERVER (10.0.0.2) -----> DHCP CLIENTS (.50-.99)

Background: Recent issues with server/network in last month. Blue screens and network dropouts. I think possible power outage related. Maybe a half-fried network port (on-board) on server (not yet replaced) and a half-fried switch (which we've since replaced). I was trying to plan for a possible replacement of the server with new hardware so I virtualized our existing server (bad idea). I think in the process I may have confused the hell out of our network (suddenly had 2 DHCP servers on the network). I fixed those issues but now have this one remaining problem client. Any help much appreciated.
ASKER CERTIFIED SOLUTION
Avatar of John
John
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of FarWest
FarWest

did you try to uninstall/install the network card (using device manager)
do you have issues like two clients has the same IP?
Avatar of jpfulton

ASKER

I'd like to attach the client's system event log which I saved immediately after the most recent drop. Is that a security risk?
Won't be able to troubleshoot more until a little later --- the computer is currently in use. I can say that I just today noticed in DHCP on the server that there was one entry just named "BAD_ADDRESS" and in the description it said that the IP was already in use (though it didn't tell me what the IP is or what the name is). I deleted it from DHCP and it has not reappeared.

I have not tried uninstalling and reinstalling the network card (assuming you meant on the client?) but as I mentioned, just disable/enable prompts a DHCP request that results in a good IP.

I'll try to run those couple commands on the client asap and see where that gets me.
I wish you quick good luck,
regarding system event log, there is no need for that at the moment,
Okay, re: event log. I'm finding the following leading up to the drop:

First this:
Event ID 7038 The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
Logon failure: the specified account password has expired.

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Open in new window


Then this:
Event ID 7000 The NVIDIA Update Service Daemon service failed to start due to the following error: 
The service did not start due to a logon failure.

Open in new window


Seems like that would be extremely relevant, right?

Not sure why it's saying the account password has expired... b/c it hasn't.
I think not, but maybe it is a surface of a bigger problem
make sure that the NVIDIA Update Service Daemon is running on local system account
if yes, then dis-join the computer from AD and re-join it again
It was stopped but set to use UpdateusUser. I changed it to Local system account, hit start and got a message that "some services won't start if not currently in use" or something. I'm thinking after a reboot this might solve THAT particular error appearance.
I have not gotten another user reported network drop since doing a TCP/IP reset, flushdns and tweaking the nvidia update service logon credentials. It's been about 20 hours though the majority of that time has been non-work hours.

In looking through the system event log I don't see any evidence of network drop with the exception of one particular event:

Event ID 1006, Error Code 49 -- The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

Open in new window


Under the EventData heading on the Details tab it says "ErrorDescription: Invalid Credentials".
I think It is better now to rejoin the client computer to the domain
i was afraid of that... will that mess up user profiles... outlook/desktop/documents folder etc or will it be pretty seamless?
it did not happened to me, but I'cant give guarantee (this is Microsoft :))
Ok, try to reset computer account
check this
http://redmondmag.com/articles/2014/04/21/domain-trust-issues.aspx
Anbody know exactly what the reset function does?
there is some explanation in the URL I've sent to you, reset the security key (password) of the computer that to communicate with AD
It appears that John Hurst's suggestions were the fix (or one of them was). Can't completely verify which one or if either did the trick since I was simultaneously trying a number of things and since it has been an intermittent problem, but it has been a few days and the problem has not recurred. Thanks!
@jpfulton - Thanks for the update and I was happy to help.