I am running Exchnage 07. We get intermittent authentication drops and users get prompts to re-logon. As a new symptom, when I specify DC3, to run a best practice analyzer it says it cant connect and to try different credentails. I can use DC1 and DC2 for a BPA scan and it connects just like it should. I see no event log errors or any messages to help find whats causing the pain. Do you recommend that I dcpromo the machine down and back up into AD? the DC looks good so I'm not sure where the weirdness is coming from.

Sounds like you have some issues with AD health. I wouldn't just start dcpromo'ing things. Can you run a DCDiag and post the results? Tim Harrington - Catapult Systems - http://HowDoUC.blogspot.com

Sounds like you have some issues with AD health. I wouldn't just start dcpromo'ing things. Can you run a DCDiag and post the results? Tim Harrington - Catapult Systems - http://HowDoUC.blogspot.com Very true. Dcdiag results: Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\DC-3 Starting test: Connectivity ......................... DC-3 passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\DC-3 Starting test: Replications ......................... DC-3 passed test Replications Starting test: NCSecDesc ......................... DC-3 passed test NCSecDesc Starting test: NetLogons ......................... DC-3 passed test NetLogons Starting test: Advertising Warning: DC-3 is not advertising as a time server. ......................... DC-3 failed test Advertising Starting test: KnowsOfRoleHolders ......................... DC-3 passed test KnowsOfRoleHolders Starting test: RidManager ......................... DC-3 passed test RidManager Starting test: MachineAccount ......................... DC-3 passed test MachineAccount Starting test: Services IsmServ Service is stopped on [DC-3] w32time Service is stopped on [DC-3] ......................... DC-3 failed test Services Starting test: ObjectsReplicated ......................... DC-3 passed test ObjectsReplicated Starting test: frssysvol ......................... DC-3 passed test frssysvol Starting test: frsevent There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems. ......................... DC-3 failed test frsevent Starting test: kccevent ......................... DC-3 passed test kccevent Starting test: systemlog An Error Event occured. EventID: 0x00000457 Time Generated: 08/11/2010 14:44:30 (Event String could not be retrieved) An Error Event occured. EventID: 0x00000457 Time Generated: 08/11/2010 14:44:31 (Event String could not be retrieved) An Error Event occured. EventID: 0x00000457 Time Generated: 08/11/2010 14:44:31 (Event String could not be retrieved) An Error Event occured. EventID: 0x00000457 Time Generated: 08/11/2010 14:44:32 (Event String could not be retrieved) An Error Event occured. EventID: 0x00000457 Time Generated: 08/11/2010 14:44:32 (Event String could not be retrieved) An Error Event occured. EventID: 0x00000457 Time Generated: 08/11/2010 14:44:32 (Event String could not be retrieved) ......................... DC-3 failed test systemlog Starting test: VerifyReferences ......................... DC-3 passed test VerifyReferences Running partition tests on : ForestDnsZones Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Running partition tests on : DomainDnsZones Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Running partition tests on : Schema Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Running partition tests on : Configuration Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Running partition tests on : adomain Starting test: CrossRefValidation ......................... adomain passed test CrossRefValidation Starting test: CheckSDRefDom ......................... adomain passed test CheckSDRefDom Running enterprise tests on : adomain.com Starting test: Intersite ......................... adomain.com passed test Intersite Starting test: FsmoCheck ......................... adomain.com passed test FsmoCheck C:\>

Can you start the Windows Time Service (it appears to be stopped)? Should be set to Automatic. Then try to manually replicate with AD Sites and Services, see if you get any errors.Tim Harrington - Catapult Systems - http://HowDoUC.blogspot.com

Started w32 time, forced replication. C:\Program Files\Support Tools>dcdiag Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\-DC-3 Starting test: Connectivity ......................... -DC-3 passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\-DC-3 Starting test: Replications ......................... -DC-3 passed test Replications Starting test: NCSecDesc ......................... -DC-3 passed test NCSecDesc Starting test: NetLogons ......................... -DC-3 passed test NetLogons Starting test: Advertising ......................... -DC-3 passed test Advertising Starting test: KnowsOfRoleHolders ......................... -DC-3 passed test KnowsOfRoleHolders Starting test: RidManager ......................... -DC-3 passed test RidManager Starting test: MachineAccount ......................... -DC-3 passed test MachineAccount Starting test: Services IsmServ Service is stopped on [-DC-3] ......................... -DC-3 failed test Services Starting test: ObjectsReplicated ......................... -DC-3 passed test ObjectsReplicated Starting test: frssysvol ......................... -DC-3 passed test frssysvol Starting test: frsevent There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems. ......................... -DC-3 failed test frsevent Starting test: kccevent ......................... -DC-3 passed test kccevent Starting test: systemlog An Error Event occured. EventID: 0x00000457 Time Generated: 08/11/2010 15:55:26 (Event String could not be retrieved) An Error Event occured. EventID: 0x00000457 Time Generated: 08/11/2010 15:55:27 (Event String could not be retrieved) An Error Event occured. EventID: 0x00000457 Time Generated: 08/11/2010 15:55:27 (Event String could not be retrieved) An Error Event occured. EventID: 0x00000457 Time Generated: 08/11/2010 15:55:27 (Event String could not be retrieved) An Error Event occured. EventID: 0x00000457 Time Generated: 08/11/2010 15:55:28 (Event String could not be retrieved) An Error Event occured. EventID: 0x00000457 Time Generated: 08/11/2010 15:55:28 (Event String could not be retrieved) ......................... -DC-3 failed test systemlog Starting test: VerifyReferences ......................... -DC-3 passed test VerifyReferences Running partition tests on : ForestDnsZones Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Running partition tests on : DomainDnsZones Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Running partition tests on : Schema Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Running partition tests on : Configuration Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Running partition tests on : Starting test: CrossRefValidation ......................... passed test CrossRefValidation Starting test: CheckSDRefDom ......................... passed test CheckSDRefDom Running enterprise tests on : .com Starting test: Intersite ......................... .com passed test Intersite Starting test: FsmoCheck ......................... .com passed test FsmoCheck

Anyway to reboot that DC? After reboot, check all the event logs for errors.Tim Harrington - Catapult Systems - http://HowDoUC.blogspot.com

I can tomorrow morning. This machine had NIC driver package loaded and rebooted today, so it didnt come up with static IP. Thanks for all the help!

Any update on your issue?Tim Harrington - Catapult Systems - http://HowDoUC.blogspot.com