Re: Active directory problem

From: Zuhaib (anonymous_at_discussions.microsoft.com)
Date: 03/06/04 

Date: Fri, 5 Mar 2004 20:21:46 -0800

I have disabled antivirus software and will see AD problem
reoccurs or not.

I will also mention that same antivirus software is
running on both Aditional domain controller server and the
root domain controller server and active directory
corrupts on only root domain controllers not on additional
domain controllers.

I am stucked with this Active directory corruption problem
and is in dying need for this problem to be fixed as soon
as possible.

I will appreciate if you can throw some light on below two
error messages

----------
NTDS (264) Synchronous read page checksum error -1018
((1:483 1:483) (0-145738) (0-209745)) occurred. Please
restore the databases from a previous backup

----------

The Directory Service consistency checker has noticed
that 2 successive replication attempts with CN=NTDS
Settings,CN=APPSRV04,CN=Servers,CN=Default-First-Site-
Name,CN=Sites,CN=Configuration,DC=abc,DC=com have
failed over a period of 63269 minutes. The connection
object for this server will be kept in place, and new
temporary connections will established to ensure that
replication continues. The Directory Service will continue
to retry replication with CN=NTDS
Settings,CN=APPSRV04,CN=Servers,CN=Default-First-Site-
Name,CN=Sites,CN=Configuration,DC=abc,DC=com; once
successful the temporary connection will be removed.

>-----Original Message-----
>How about temporarily disabling your antivirus software
for a few days
>and see if the problem still occurs.
>
>Zuhaib wrote:
>>
>> The root domain controller is taking much longer time to
>> reboot. The event log on root domain controller is
showing
>> messages as shown at the last of this message. The
>> additional domain controller is working fine... means
the
>> event log is clear (no error messages). Since Active
>> directory on root Domain controller is curropt as shown
by
>> the messages below, so there is no replication going on
to
>> the additional domain controller.
>>
>> There are no power outages.
>>
>> Only AD is becoming corrupt, all other parts of OS and
>> file system are fine.
>>
>> Service pack 4 is installed on the server.
>>
>> I am using Quick Heal Antivirus software on both root
and
>> additional domain controller.
>>
>> To recover from corrupt DC, I restore system state.
After
>> restoring system state the DC works fine for one to
three
>> days and then AD become corrupt again.
>>
>> >-----Original Message-----
>> >During the 3-6 days, what is happening with the
servers?
>> Are they being
>> >rebooted? Unexpected power outages? Are other parts
of
>> the OS also
>> >becomming corrupt or just AD?
>> >
>> >What SP and patch level are you at?
>> >
>> >What antivirus software are you using?
>> >
>> >How are you recovering them? Is it possible that one
>> corrupt DC is
>> >replication to the others, and thereby spreading the
>> problem?
>> >
>> >Zuhaib wrote:
>> >>
>> >> Please.......
>> >> I will highly appreciate if someone can give expert
>> >> opinion on below.
>> >>
>> >> I will be gratefull.
>> >>
>> >> ----------------
>> >>
>> >> Hi,
>> >> I have installed active directory on many servers
and on
>> >> each server, about after 3 to 6 days, active
directory
>> >> becomes curropt. Below are the messages that are
>> displayed
>> >> in event log. Please advise.
>> >> Note: I have not integrated DNS with active
directory,
>> >> also it is significant to note that the additional
>> domain
>> >> controller is working fine and the above problem is
>> >> occurring on root domain controllers.
>> >>
>> >> Thanx
>> >>
>> >> ---------------------------------------------------
>> >>
>> >> vent Type: Error
>> >> Event Source: NTDS ISAM
>> >> Event Category: Database Page Cache
>> >> Event ID: 404
>> >> Date: 3/3/2004
>> >> Time: 8:07:27 AM
>> >> User: N/A
>> >> Computer: APPSRV07
>> >> Description:
>> >> NTDS (264) Synchronous read page checksum error -1018
>> >> ((1:483 1:483) (0-145738) (0-209745)) occurred.
Please
>> >> restore the databases from a previous backup.
>> >>
>> >> ----------------------------------------------------- 

---
>> ---
>> >>
>> >> Event Type:     Error
>> >> Event Source:   NTDS ISAM
>> >> Event Category: Online Defragmentation
>> >> Event ID:       705
>> >> Date:           3/3/2004
>> >> Time:           8:07:27 AM
>> >> User:           N/A
>> >> Computer:       APPSRV07
>> >> Description:
>> >> NTDS (264) Online defragmentation of
>> >> database 'C:\WINNT\NTDS\ntds.dit' terminated 
prematurely
>> >> after encountering unexpected error -1018. The next 
time
>> >> online defragmentation is started on this database, 
it
>> >> will resume from the point of interruption.
>> >>
>> >> -----------------------------------------------------
---
>> ---
>> >>
>> >> Event Type:     Error
>> >> Event Source:   NTDS General
>> >> Event Category: (18)
>> >> Event ID:       1126
>> >> Date:           3/3/2004
>> >> Time:           8:07:42 AM
>> >> User:           Everyone
>> >> Computer:       APPSRV07
>> >> Description:
>> >> Unable to establish connection with global catalog.
>> >>
>> >> -----------------------------------------------------
---
>> ---
>> >>
>> >> Event Type:     Information
>> >> Event Source:   NTDS KCC
>> >> Event Category: (1)
>> >> Event ID:       1308
>> >> Date:           3/3/2004
>> >> Time:           9:42:40 AM
>> >> User:           N/A
>> >> Computer:       APPSRV07
>> >> Description:
>> >> The Directory Service consistency checker has noticed
>> that
>> >> 2 successive replication attempts with CN=NTDS
>> >> Settings,CN=APPSRV04,CN=Servers,CN=Default-First-
Site-
>> >> Name,CN=Sites,CN=Configuration,DC=pndy,DC=mil have
>> failed
>> >> over a period of 63269 minutes.  The connection 
object
>> for
>> >> this server will be kept in place, and new temporary
>> >> connections will established to ensure that 
replication
>> >> continues. The Directory Service will continue to 
retry
>> >> replication with CN=NTDS
>> >> Settings,CN=APPSRV04,CN=Servers,CN=Default-First-
Site-
>> >> Name,CN=Sites,CN=Configuration,DC=pndy,DC=mil; once
>> >> successful the temporary connection will be removed.
>> >>
>> >> -----------------------------------------------------
---
>> ---
>> >>
>> >> File replicaiton service Log
>> >>
>> >> Event Type:     Warning
>> >> Event Source:   NtFrs
>> >> Event Category: None
>> >> Event ID:       13508
>> >> Date:           3/3/2004
>> >> Time:           9:41:13 AM
>> >> User:           N/A
>> >> Computer:       APPSRV07
>> >> Description:
>> >> The File Replication Service is having trouble 
enabling
>> >> replication from APPSRV04 to APPSRV07 for
>> >> c:\winnt\sysvol\domain using the DNS name
>> >> appsrv04.pndy.mil. FRS will keep retrying.
>> >>  Following are some of the reasons you would see this
>> >> warning.
>> >>
>> >>  [1] FRS can not correctly resolve the DNS name
>> >> appsrv04.pndy.mil from this computer.
>> >>  [2] FRS is not running on appsrv04.pndy.mil.
>> >>  [3] The topology information in the Active Directory
>> for
>> >> this replica has not yet replicated to all the Domain
>> >> Controllers.
>> >>
>> >>  This event log message will appear once per 
connection,
>> >> After the problem is fixed you will see another event
>> log
>> >> message indicating that the connection has been
>> >> established.
>> >> Data:
>> >> 0000: 00 00 00 00               ....
>> >>
>> >> -----------------------------------------------------
---
>> ---
>> >>
>> >> System Log
>> >>
>> >> Event Type:     Error
>> >> Event Source:   SAM
>> >> Event Category: None
>> >> Event ID:       16650
>> >> Date:           3/3/2004
>> >> Time:           9:46:39 AM
>> >> User:           N/A
>> >> Computer:       APPSRV07
>> >> Description:
>> >> The account-identifier allocator failed to initialize
>> >> properly.  The record data contains the NT error code
>> that
>> >> caused the failure.  Windows 2000 will retry the
>> >> initialization until it succeeds; until that time,
>> account
>> >> creation will be denied on this Domain Controller.
>> Please
>> >> look for other SAM event logs that may indicate the
>> exact
>> >> reason for the failure.
>> >> Data:
>> >> 0000: a7 02 00 c0               §..À
>> >.
>> >
>.
>

Relevant Pages

  • Re: Site issues
    ... I used AD sites and services connected to DC1 in site A where connection ... object was missing and added a connection object manually. ... Replication Service while polling the Domain Controller DC4 for FRS replica ...
    (microsoft.public.windows.server.active_directory)
  • Re: multiple errors in Active Directory
    ... The File Replication Service is having trouble enabling replication from ... FRS will keep retrying. ... This event log message will appear once per connection, ... Source domain controller address: ...
    (microsoft.public.windows.server.active_directory)
  • Re: Active directory problem
    ... The root domain controller is taking much longer time to ... The event log on root domain controller is showing ... so there is no replication going on to ...
    (microsoft.public.win2000.active_directory)
  • Re: AD Error - Urgent
    ... Anyone can answer me about this error in my Domain Controller ... SERVER - Este servidor possui GC e FSMO ... Active Directory was unable to establish a connection with the global ... The File Replication Service is having trouble enabling replication from ...
    (microsoft.public.windows.server.active_directory)
  • Re: AD Error - Urgent
    ... Anyone can answer me about this error in my Domain Controller ... SERVER - Este servidor possui GC e FSMO ... Active Directory was unable to establish a connection with the global ... The File Replication Service is having trouble enabling replication from ...
    (microsoft.public.windows.server.active_directory)