Network anomalies pertaining to AD

Hello.  Not sure how to describe this adequately and quickly, but in short it seems like our primary 2008 AD server is causing network problems.  We have 3 authority servers on the network, and the one we call "primary" is the one that we upgraded from 2003 to 2008 and used as our main AD server to upgrade the network about 18 months ago.  We have noticed weird things on and off for the last 6 months, where RDP sessions would suddenly drop, and server/clients whose network connection would show the yellow ! and say "no internet connectivity" or "limited connectivity", and we'd have to reboot them once or twice and then it would work.  Last night, however, the entire network was affected by whatever it is.  We ended up shutting down the entire network and restarting everything one at a time.  We found that when we kept our primary off, but turned on an older 2003 authority server, the network works.  Problem is that now our main DHCP/DNS server (the primary) is down, so DHCP doesn't work.  So - we need some help in figuring out 2 things - 1) how can we get DHCP up on a 2nd machine? I do have DHCP installed on another authority server but the service is not running.  (how can I sync it so it's handing out IPs accurately?).  and 2) How do I go about troubleshooting the primary AD machine?  Thanks a lot for your help.

Damian Gardner, IT Admin, Asked:

Will Szymkowski, Senior Solution Architect, Commented:
We found that when we kept our primary off, but turned on an older 2003 authority server, the network works.

Based on what you have described, your network connectivity "no internet access" seems to be a network related issue more than a Domain Controller issue. Have you made sure that your Primary DC has a stable connection on the network? Is this physical or virtual? Making sure that DNS is operating properly is also critical for users to be able to access the network.

I would not simply power off the DC especially if it is holding the FSMO roles.


Damian Gardner, IT Admin, Author Commented:
The FSMO roles are indeed on the primary machine, from what I remember.  It's been off for the last couple hours, and the only issue we're having is DHCP requests going ignored.  What is your recommendation on HOW to verify DNS is operating?  I do have DNS running on a 3rd server on the network, which is the "Secondary DNS" machine.  It SEEMS to be serving the network, but is there a test I should perform?
Will Szymkowski, Senior Solution Architect, Commented:
If you have the FSMO role holder offline for an extended period of time then you are going to run into issues with logins etc. because the PDC role is not online, which is the time source. Your other DCs will eventually have their time skewed, and if it is more than 5 minutes out your users will not be able to log in.

At this point I am not sure what is going on with your network, but if you are 100% sure that it is actually the DC causing the issues then I would highly recommend that you power on the 2008 DC, transfer ALL of the roles to the 2003 server and then demote the 2008 DC. You need to make sure that FSMO roles are on a DC that is online or you will run into trouble.
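
Added example (not part of the original thread): a PowerShell check of the time-skew risk described in the comment above. It finds the PDC emulator with `netdom query fsmo`, then uses `w32tm /stripchart` to compare each domain controller's clock against it and flags anything beyond the 5-minute limit. The host names in `$DomainControllers` are placeholders, and the script assumes it is run from a domain-joined machine where `netdom` and `w32tm` are available.

```powershell
# Added example, not from the thread. Uses only netdom.exe and w32tm.exe.
$MaxSkewSeconds    = 300   # the 5-minute limit mentioned in the comment above
$DomainControllers = @('dc-2003.example.local', 'dns2.example.local')  # placeholders

# Find the PDC emulator: "netdom query fsmo" prints a line like "PDC    host.fqdn".
$pdc = $null
foreach ($line in (netdom query fsmo)) {
    if ($line -match '^\s*PDC\s+(\S+)') { $pdc = $Matches[1] }
}
if (-not $pdc) { throw 'PDC emulator not found in netdom output.' }

# Return the clock offset (seconds) of $Computer relative to this machine,
# or $null when the host does not answer or w32tm prints an error line.
function Get-ClockOffset([string]$Computer) {
    $out = w32tm /stripchart /computer:$Computer /samples:1 /dataonly 2>&1
    foreach ($l in $out) {
        # Data lines look like "12:00:00, +00.0012345s"
        if ("$l" -match ',\s*([+-]\d+\.\d+)s\s*$') { return [double]$Matches[1] }
    }
    return $null
}

$pdcOffset = Get-ClockOffset $pdc
if ($null -eq $pdcOffset) {
    # This is the situation in the thread: the role holder is powered off.
    throw "PDC emulator $pdc did not answer a time query."
}

foreach ($dc in $DomainControllers) {
    $offset = Get-ClockOffset $dc
    if ($null -eq $offset) {
        $skew = $null; $status = 'NO RESPONSE'
    } else {
        # Both offsets are relative to the local clock, so their difference
        # is the DC's skew relative to the PDC emulator.
        $skew   = [math]::Round([math]::Abs($offset - $pdcOffset), 3)
        $status = if ($skew -gt $MaxSkewSeconds) { 'OVER LIMIT' } else { 'OK' }
    }
    New-Object PSObject -Property @{ DC = $dc; SkewVsPdcSeconds = $skew; Status = $status }
}
```

If the script stops at the PDC emulator query, the role holder is unreachable, which is the condition the comment above warns about.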


Damian Gardner, IT Admin, Author Commented:
Got it.  ok, thanks Will
Seth Simmons, Sr. Systems Administrator, Commented:
I've requested that this question be deleted for the following reason:

Not enough information to confirm an answer.
Will Szymkowski, Senior Solution Architect, Commented:
In both of my posts I have provided the asker valuable information. The asker has also appreciated my input as well.

Answers should be accepted.
