Solved

This is a Challenging Question - AD

Posted on 2014-12-11
5
147 Views
Last Modified: 2014-12-11
I've run-up against an interesting problem on our network. We are running a Windows Server 2008 R2 environment with primarily Windows 7 clients. Earlier this week, we lost our Internet connection but I seriously doubt that has anything to do with what we're experiencing now.

Users began reporting they were unable to open Outlook. They continuously received the error "server is unavailable." Oddly enough, yesterday, I was able to delete and recreate their Outlook profile which seemed to fix the problem. This morning, they are experiencing the same issue again but this time, recreating the profile isn't fixing the problem. I've been forced to set them all up with OWA which, understandably, they're pretty upset with.

We're also using a CRM application which uses AD accounts to authenticate to a SQL database. That has seemed to stop working as well. If I change their authentication to SQL, it works fine.

There appears to be some kind of authentication issue but I'm not quite sure. I thought I'd put this out here and see if anyone else has run across this type of problem.

Summary:
1) Outlook client will not work but Internet-based (OWA) solution, along with all cell phones, work fine
2) AD authentication to SQL isn't working but SQL authentication does.

Any ideas?
0
Comment
Question by:TelecoSouthFlorida
  • 3
5 Comments
 
LVL 4

Expert Comment

by:themightydude
ID: 40494532
Not sure I'll be much help, but do you have multiple AD servers?

Have you tired a dcdiag and or netdiag?

Does dns resolution still work?
0
 

Author Comment

by:TelecoSouthFlorida
ID: 40494713
No, just a single domain controller. Dcdiag ran clean, reporting no errors. DNS seems to be resolving fine. Its really strange. Some users can get in... some cannot. You might think it was anti-virus software but I've ruled that out as well.
0
 

Author Comment

by:TelecoSouthFlorida
ID: 40494806
Interesting finding to add...

When I ran a ping of the server, it came back as ff80::d68:444c:6acc:81ba%14 instead of the IP 10.0.0.x so I created a hosts entry for that particular server. That fixed it but... bigger problem, why was it getting that kind of response?

Any ideas?
0
 
LVL 32

Accepted Solution

by:
it_saige earned 500 total points
ID: 40494835
By default Windows Server 2008 (and above) enable IPv6 and will use this to communicate with clients that support it.  You can disable IPv6 by unchecking Internet Protocol Version 6 (TCP/IPv6) in the network card configuration.Capture.JPG
The root cause, though, is probably DNS related, where DNS is listening to and answering requests on the IPv6 address.Capture.JPG
-saige-
0
 

Author Comment

by:TelecoSouthFlorida
ID: 40494934
Thank you for the response IT Saige. I've read numerous articles today on why you shouldn't "disable" IPv6 on the machines but the bindings in DNS were in fact setup for both IPv4 & IPv6. I have unbound the IPv6 addresses from the DNS server and it seems to have fixed the problem for the moment.

Thank you for your input!
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now