Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


This is a Challenging Question - AD

Posted on 2014-12-11
Medium Priority
Last Modified: 2014-12-11
I've run-up against an interesting problem on our network. We are running a Windows Server 2008 R2 environment with primarily Windows 7 clients. Earlier this week, we lost our Internet connection but I seriously doubt that has anything to do with what we're experiencing now.

Users began reporting they were unable to open Outlook. They continuously received the error "server is unavailable." Oddly enough, yesterday, I was able to delete and recreate their Outlook profile which seemed to fix the problem. This morning, they are experiencing the same issue again but this time, recreating the profile isn't fixing the problem. I've been forced to set them all up with OWA which, understandably, they're pretty upset with.

We're also using a CRM application which uses AD accounts to authenticate to a SQL database. That has seemed to stop working as well. If I change their authentication to SQL, it works fine.

There appears to be some kind of authentication issue but I'm not quite sure. I thought I'd put this out here and see if anyone else has run across this type of problem.

1) Outlook client will not work but Internet-based (OWA) solution, along with all cell phones, work fine
2) AD authentication to SQL isn't working but SQL authentication does.

Any ideas?
Question by:TelecoSouthFlorida
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3

Expert Comment

ID: 40494532
Not sure I'll be much help, but do you have multiple AD servers?

Have you tired a dcdiag and or netdiag?

Does dns resolution still work?

Author Comment

ID: 40494713
No, just a single domain controller. Dcdiag ran clean, reporting no errors. DNS seems to be resolving fine. Its really strange. Some users can get in... some cannot. You might think it was anti-virus software but I've ruled that out as well.

Author Comment

ID: 40494806
Interesting finding to add...

When I ran a ping of the server, it came back as ff80::d68:444c:6acc:81ba%14 instead of the IP 10.0.0.x so I created a hosts entry for that particular server. That fixed it but... bigger problem, why was it getting that kind of response?

Any ideas?
LVL 34

Accepted Solution

it_saige earned 2000 total points
ID: 40494835
By default Windows Server 2008 (and above) enable IPv6 and will use this to communicate with clients that support it.  You can disable IPv6 by unchecking Internet Protocol Version 6 (TCP/IPv6) in the network card configuration.Capture.JPG
The root cause, though, is probably DNS related, where DNS is listening to and answering requests on the IPv6 address.Capture.JPG

Author Comment

ID: 40494934
Thank you for the response IT Saige. I've read numerous articles today on why you shouldn't "disable" IPv6 on the machines but the bindings in DNS were in fact setup for both IPv4 & IPv6. I have unbound the IPv6 addresses from the DNS server and it seems to have fixed the problem for the moment.

Thank you for your input!

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PHP contact form that lets the user to contact the company through email contact form. A button is fixed at the bottom of site, on clicking a new window will open where a user can send the email.
An analysis of the phishing scam that has been affecting Google users, along with steps to take for protection, as well as what to do if you receive one of the emails.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…

664 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question