Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: DC Problems

  1. #1

    Question DC Problems

    This has been one doozy of a network problem, and I'm not sure I can even give you guys enough useful info for you to be able to throw ideas at me, but I'm gonna take a whack at it anyway...my boss and I are both stumped on this one so far, and I have a bad feeling this is some deeply rooted Active Directory problem, as Tiger has been warning me would inevitably come sooner or later given my past AD catastrophies....That said...

    Yesterday, the DC just stopped working right. This is with NO changes made to it. It was just running, untouched, doing its thing, and just up and stopped. It kicked all clients off the Internet and stopped allowing clients to connect to it remotely via terminal services. Also, it's been preventing network connections to our internal database.

    Now how this happened without any configuration settings ever being changed is beyond me. The last time I had problems, it was an issue with the two DCs talking to each other, so I removed the other DC and gave all roles to this one. For the past couple of months it has worked fine as the sole DC on the network, and it's been smooth sailing.

    Error logs showed some KCC and RSVP errors for a while, and after trying some fixes those have disappeared. Now the event logs look clean. It looked like it was still trying to replicate to another DC out there that no longer existed, and what's really weird is that at some point it was actually trying to replicate to itself! So I went through AD and further cleaned out references to the now gone other DC and the one mysterious reference to itself.

    Checked the network card and drivers, all is in order and passes all diagnostics.

    To look the DC over, you'd give it a clean bill of health. Everything looks clean and in good order.

    Nonetheless, no client machine can connect to the Internet (and it is a DNS issue surely -- the router looks to be working just fine), the DC keeps kicking off client connections to itself via terminal services, and the connection to the database keeps breaking, seemingly at random times.

    For now we're trying to promote one of the other servers as a DC and DNS server as a temporary fix until we figure this out, and I'm about to try a Windows repair on it. Other than though, any ideas at all?

  2. #2
    Senior Member
    Join Date
    Jul 2004
    Posts
    469
    I would be inclined to check the server for virii, and possibly spy/malware. Also, check the system drive for free space and make sure that the server is not set to disable itself if the log file is full.

  3. #3
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Bring them both down and wait 10 minutes. Then boot the one that was in charge first. Wait 10 minutes then boot the other. And go set your clients for alternate DNS servers. One primary and one backup so that when the first one is down they can use the second one to get access to address translations.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  4. #4
    None of that's working...

    Perhaps it's a hardware issue? I'm about to start playing with our switches if see if we can pinpoint something...I'll report back...

  5. #5
    This is just getting crazier and crazier. All the hardware seems in check. Even swapped switches, still no use. The network just randomly goes down every few minutes (~15min) or so. If you're connected to the DC remotely when this happens, the remote connection freezes for a couple of minutes and then you're kicked. Then Internet and intranet go down.

    So we finally caved in and brought in an outside networking expert to take a look at it. Well, even he's stumped! (So at least I don't feel totally incompetant now, and the boss got to see that even the superior expert is confused -- at least that's good news.) So, now I'm bringing the DC up to date on all the latest patches (the Windows repair rolled it back), and then our networking expert is going to call Microsoft for further assistance.

    So, we'll see where this goes...in the meantime, we've got a bunch of employees with nothing to do other than clean their desks.

  6. #6
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    If you were to deliberately take the system off-line, how would you do it, so that it wouldn't be apparent ?

    Have you been 'hacked' ?

    If you take the system off-line, does the internal set up still function ?
    Without let or hinderence ?

    When was it noticed ?
    Do you have logs PRIOR to then ?

    If possible, a 'new' machine, fresh install, to get you away ?

    How complete are your back-ups ?
    Can you veriffy the integrity of the back ups ?

    Do you have ANY disgruntled EX-employees ?

    just some thoughts.
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  7. #7
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Anytime I have seen a network mysteriously go down it's been a DOS attack. Either from the internet or from some mallware inside on a users PC. Last 2 cases were a worm attacking from the internet that would take about 10 minutes to flood the main router and in another case, some one who installed some marketing "tool" that turned out to be cranking out 1000s of emails thus making the DNS servers unreachable.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  8. #8
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Where is the server and the workstations getting their time from. If there is too large a difference between the DC and the workstations then the network can drop because the DC will start rejecting the connections due to the time discrepancy.

    Seen it once when I messed up a servers time.... a large number of clients that had probably used it as the login server just dropped right off the network.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  9. #9
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    he network just randomly goes down every few minutes (~15min) or so.
    Do you have a backup battery that is failing knocking off your hardware? I've had that problem on a set of switches before. It didn't bring down my whole network though... just a couple of segments.

    What do the system logs say? They've got to be giving you *some* information.

    Are you physcially in front of the hardware when it goes down? Do you notice anyting strange? Unusual blinking lights? Power cycle of your switches? etc?
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  10. #10
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    I am ALMOST tempted to try this....

    Seen it once when I messed up a servers time....
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •