server 2008 lost connection with the domain controller
Hi there,
We have a Server 2008 R2 Standard tha have been working fine for a year.
but somehow, about 2-3 weeks ago, it occasionally lost connection with DC.
what was changed:
- update backup exec to ver. 2010 R3
- update vRanger Backup & Replication to ver. 5
- update windows via windows update as usual
This server only used for backup purposes and
doesn't run any domain services.
when it lost connection, it failed to:
- access any network resources (e.g.: \\server\share)
- can't open any web pages (whatever typed on the address bar, it returns with http:///)
but strangely enough, it can still ping stuff fine.
doing a restart will make it work again but this proved to be a temporary solution.
there are 3 error messages that are frequently occurring (especially the NETLOGON and Group Policy errors):
------------------------------------
Log Name: System
Source: Schannel
Date: 20/05/2011 6:16:29 PM
Event ID: 36870
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: host.domain.com
Description:
A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
--> I don't know if this is related or a separate matter altogether, but I found this:
http://www.zerohoursleep.com/2010/11/a-fatal-error-occurred-when-attempting-to-access-the-ssl-server-credential-private-key/
------------------------------------
Log Name: System
Source: Microsoft-Windows-GroupPolicy
Date: 22/05/2011 4:03:58 PM
Event ID: 1054
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: host.domain.com
Description:
The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.
------------------------------------
Log Name: System
Source: NETLOGON
Date: 22/05/2011 4:16:49 PM
Event ID: 5719
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: host.domain.com
Description:
This computer was not able to set up a secure session with a domain controller in domain DOMAIN due to the following:
The RPC server is unavailable.
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified
domain.
------------------------------------
There's a post with similar issue to min:
http://social.technet.microsoft.com/forums/en-us/exchangesvrgeneral/thread/73D8E61A-8EFB-4CBC-A158-96B74EEA8548
but unfortunately there's no detail on what the steps taken to fix this.
I really appreciate any help on this!Andrew P.
May 23rd, 2011 3:03am
Hello,
this is a connectivity problem.
Please use nslookup to check that you are able to solve DNS records correctly.
Also, please make sure that you routes are well configured and that there is no firewall blocking traffic.
This
posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Microsoft
Student Partner
Microsoft Certified Professional
Microsoft Certified Systems Administrator: Security
Microsoft Certified Systems Engineer: Security
Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft
Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Free Windows Admin Tool Kit Click here and download it now
May 23rd, 2011 3:34am
thanks for the reply.
the server is currently running fine (restarted this morning) so running nslookup returns with the correct server name/IP address.
I will run this again when it encounter the issue.
the routes (I assume the physical connections + IP config) are configured correctly.
It has static IP and, again, has no changes for the last 6 months or so + working fine until 2-3 weeks ago.
Windows firewall has been disabled. and there's no security software currently installed.
more info: when the connectivity was lost, the network & sharing center didn't report anything.
the "map" shows as having internet connection and can't the problem.Andrew P.
May 23rd, 2011 3:56am
Please post ipconfig /all on all your DCs and the faulty server.
This
posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Microsoft
Student Partner
Microsoft Certified Professional
Microsoft Certified Systems Administrator: Security
Microsoft Certified Systems Engineer: Security
Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft
Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Free Windows Admin Tool Kit Click here and download it now
May 23rd, 2011 4:04am
Hi,
If there is any update on this issue, please feel free to let us know.
We are looking forward to your reply.
BrentPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
May 27th, 2011 12:14am
apologies for the late reply.
we're swamped with several issues this week.
this server also has several issues (with some failed software/database connection) that might contribute to it so we're trying to fix the others first and see if this resolve the disconnection issues.
I'll update this in a week.Andrew P.
Free Windows Admin Tool Kit Click here and download it now
May 27th, 2011 5:20am
yep. once we fixed the software thingy, everything went fine.
still not sure why the software would cause those things but at least the errors haven't been occurring since 24th.Andrew P.
May 29th, 2011 8:29pm