Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 168
  • Last Modified:

This is a Challenging Question - AD

I've run-up against an interesting problem on our network. We are running a Windows Server 2008 R2 environment with primarily Windows 7 clients. Earlier this week, we lost our Internet connection but I seriously doubt that has anything to do with what we're experiencing now.

Users began reporting they were unable to open Outlook. They continuously received the error "server is unavailable." Oddly enough, yesterday, I was able to delete and recreate their Outlook profile which seemed to fix the problem. This morning, they are experiencing the same issue again but this time, recreating the profile isn't fixing the problem. I've been forced to set them all up with OWA which, understandably, they're pretty upset with.

We're also using a CRM application which uses AD accounts to authenticate to a SQL database. That has seemed to stop working as well. If I change their authentication to SQL, it works fine.

There appears to be some kind of authentication issue but I'm not quite sure. I thought I'd put this out here and see if anyone else has run across this type of problem.

Summary:
1) Outlook client will not work but Internet-based (OWA) solution, along with all cell phones, work fine
2) AD authentication to SQL isn't working but SQL authentication does.

Any ideas?
0
TelecoSouthFlorida
Asked:
TelecoSouthFlorida
  • 3
1 Solution
 
themightydudeCommented:
Not sure I'll be much help, but do you have multiple AD servers?

Have you tired a dcdiag and or netdiag?

Does dns resolution still work?
0
 
TelecoSouthFloridaAuthor Commented:
No, just a single domain controller. Dcdiag ran clean, reporting no errors. DNS seems to be resolving fine. Its really strange. Some users can get in... some cannot. You might think it was anti-virus software but I've ruled that out as well.
0
 
TelecoSouthFloridaAuthor Commented:
Interesting finding to add...

When I ran a ping of the server, it came back as ff80::d68:444c:6acc:81ba%14 instead of the IP 10.0.0.x so I created a hosts entry for that particular server. That fixed it but... bigger problem, why was it getting that kind of response?

Any ideas?
0
 
it_saigeDeveloperCommented:
By default Windows Server 2008 (and above) enable IPv6 and will use this to communicate with clients that support it.  You can disable IPv6 by unchecking Internet Protocol Version 6 (TCP/IPv6) in the network card configuration.Capture.JPG
The root cause, though, is probably DNS related, where DNS is listening to and answering requests on the IPv6 address.Capture.JPG
-saige-
0
 
TelecoSouthFloridaAuthor Commented:
Thank you for the response IT Saige. I've read numerous articles today on why you shouldn't "disable" IPv6 on the machines but the bindings in DNS were in fact setup for both IPv4 & IPv6. I have unbound the IPv6 addresses from the DNS server and it seems to have fixed the problem for the moment.

Thank you for your input!
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now