Re: Domain Controller Stops Processing All Login Requests Randomly

> I just want to be clear on what repair does and what the system state will
> be after a repair. In a perfect world, everything will be as it was
before
> the repair except the core OS binaries that were corrupt or overwritten
will
> be replaced/installed? Theoretically I won't loose any data, the AD, or
any
> custom settings?

You will first make a backup so it is entirely safe. <grin>

And it is reasonably safe anyway.

Boot from the original CDROM, choose install to the same location
as the current OS and MAKE SURE it offers to (and you select)
repair the system.

It will leave apps and data in place but will repair the DLLs etc.

Afterwards you should check with Windows Update to make sure
the machine is fully patched.

If your problem is due to corruption (we don't know this) then it
will likely repair it.

BTW, if you don't have a backup you should have one anyway so
that isn't really an "extra" step.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

"Josh-UCDHSC" <noJCspam@xxxxxxxxxxxxx> wrote in message
news:uswYTIdUFHA.544@xxxxxxxxxxxxxxxxxxxxxxx
> It just happened again. This is so frustrating. You mentioned a repair
> install and described it as relatively safe. So I just boot off the
Win2k3
> CD, do the repair and theoretically it should majically reboot to it's
good
> old self? I will backup the entire system to tape with Veritas Backup
Exec.
> I just want to be clear on what repair does and what the system state will
> be after a repair. In a perfect world, everything will be as it was
before
> the repair except the core OS binaries that were corrupt or overwritten
will
> be replaced/installed? Theoretically I won't loose any data, the AD, or
any
> custom settings?
>
> When the system stops responding to clients and I am logged into the DC I
> can't start task manager with ctrl-alt-del or ctrl-shift-esc I have to do
> "start"->"run" and type taskmgr. Also, I tried to start an mmc.exe
> application, dnsmgmt.msc, while the server was zombied and it caused an
> "Application Hang" Event ID 1002, Catagory (101) and a fault bucket Event
ID
> 1001.
>
> "Hanging application mmc.exe, version 5.2.3790.0, hang module hungapp,
> version 0.0.0.0, hang address 0x00000000."
>
>
> I understand if you're busy, maybe we can work something out when you free
> up. RA should be relatively simple to get working, there is no NAT and
the
> firewall is easy to shutdown :).
>
> Maybe I'll try to give you a call,
>
> JC
>
> "Herb Martin" <news@xxxxxxxxxxxxxx> wrote in message
> news:uX3YrwbUFHA.1200@xxxxxxxxxxxxxxxxxxxxxxx
> > "Josh-UCDHSC" <noJCspam@xxxxxxxxxxxxx> wrote in message
> > news:OPzhDEZUFHA.2892@xxxxxxxxxxxxxxxxxxxxxxx
> >> Comments inserted below~
> >> Would you like to have a look at things? I could setup Remote
> > Assistance...
> >
> > I might, but unless you already have RA working then we are going to
> > have to ditz around with firewalls/NATs probably.
> >
> > [I wrote the following lines last -- after interspersing comments all
> > the way down.]
> >
> > Normally, I would say yes -- but I am running a little ragged right now.
> >
> >
> > I usually offer to let people call so if you think it will help go
ahead.
> >
> > But you seem pretty competent and if you have checked all of the DCDiag
> > (or equivalent) stuff, and are sure about checking the DNS then that is
> > all I would likely be doing.
> >
> > You might chase down that missing role holder (unless it was just a
> > spurious RPC error.)
> >
> > Or the "REPAIR" install. You should back up first, but I have never
> > hurt a machine doing that -- and yet to fail to recover one either.
> > Repair
> > install is the best kept secret in Windows these days.
> >
> > [...more inline...]
> >
> >> >> DNS Server Addresses, in order of use:
> >> >> 132.194.21.250
> >> >> 132.194.21.96
> >> >
> >> > Are these both holding the SAME exact zone (now)?
> >>
> >> Yes. They are both holding the same exact zone.
> >
> > Good.
> >
> >> > They both must do that.
> >
> >> > Irrelevant, but usually unnecessary -- the key is to
> >> > get the FULL computer name correct in the System
> >> > control panel, then this setting is never needed with
> >> > ONE NIC, and seldom needed with multiple NICs.
> >>
> >> This is set correctly, other than waimea is in all capital letters in
the
> >> System Control Panel.
> >
> > Caps don't matter, DNS is not case sensitive and although NetBIOS
> > is TECHNICALLY case sensitive, the machines always UPPERCASE
> > their computer name, domain names and such.
> >
> >> I took out the cudenver.edu to match the TCP/IP
> >> settings on the 2nd DC, which didn't have it. Network Load Balancing
was
> >> checked on the 2nd DC so I unchecked it as it is not doing any network
> > load
> >> balancing.
> >
> > Load balancing only makes sense if you have at least two
> > servers in NLB set.
> >
> >> It was interesting, when I had the cudenver.edu suffix entered
> >> running "nslookup waimea" about every second it would return
> >> "waimea.cudenver.edu" in the server field and the next time
> >> "waimea.coe.cudenver.edu". It would switch back and forth between the
> > two.
> >> When I took the cudenver.edu suffix out, "nslookup waimea" only lists
> >> "waimea.coe.cudenver.edu" in the server field.
> >>
> >> >
> >> >> "Register this connection's address in DNS" is checked
> >> >> "Use this connection's DNS suffix in DNS registration" is checked
> >> >
> >> > Same as previous.
> >> >
> >> >> > Are they all holding the Domain zone, or able to fully
> >> >> > resolve that zone?
> >> > Does the DNS server have the zone defined and have a
> >> > full copy of it (not some external partial copy of a zone
> >> > with the same name)?
> >>
> >> Yes both DCs have the same zone set.
> >
> >
> >
> >> >> Domain Controller Diagnosis
> >> >>
> >> >> Performing initial setup:
> >> >> * Verifying that the local machine WAIMEA, is a DC.
> >> >> * Connecting to directory service on server WAIMEA.
> >> >> [WAIMEA] Directory Binding Error 1753:
> >> >> There are no more endpoints available from the endpoint mapper.
> >> >
> >> > This error is disturbing -- has someone been messing
> >> > with the registry in an attempt to alter the way that the
> >> > RPC server works?
> >>
> >> No, I think the problem is with the version of dcdiag used. To
generate
> >> this data I used MPSRPT_DirSvc.EXE instead of dcdiag.
> >> Using "dcdiag" doesn't show the problems.
> >
> > There is a later version of DCDiag at the MS site.
> >
> > I always use it.
> >
> >> > If not you may have a corrupted DC which would benefit
> >> > from a "REPAIR Install" (from the original CDROM.)
> >>
> >> I will consider this after the semester is over at the end of next
week.
> >> Running a regular dcdiag doesn't show the endpoint mapper problem.
> >
> > Oh.
> >
> >
> >> > How many IP addresses does this DC have? How many NICs?
> >>
> >> This server has 4 NICs. All but one are disabled.
> >
> > Only active ones with working IPs count. So that is good.
> > Some people get weird problems with multiple NICs or multiple
> > IPs being active.
> >
> >
> >> Are there any more advanced tools than dcdiag and the like? Is it
> > advisable
> >> to run windump on a Win2k3 DC?
> >
> > I can usually solve most any AD/DNS problem with DCDiag.
> >
> > You might look at ReplMon or RepAdmin though if you are having
> > replication problems.
> >
> > Sometimes you have to use NTDSUtil to clean out "dead" servers,
> > i.e., DCs that have died or been uninstalled.
> >
> >> >> PDC Name: \\WAIMEA.coe.cudenver.edu
> >> >
> >> > Has anyone every SEIZED a role (PDC Emulator) in this domain?
> >>
> >> No, not to my knowledge.
> >
> > I was CONSIDERING that maybe the role had been seized but the
> > other DCs hadn't replicated that info.
> >
> > Or a role was seized but the original role holder was still brought
> > back online (never do that latter.)
> >
> >> > Is this the only (current) DC? Has there every been more?
> >>
> >> This is the only current DC besides the 2nd active DC. There hasn't
been
> >> any other other than a test domain with a different name (coe-test)
which
> >> was running on a different machine and was shutdown months ago.
> >
> > Ok, then you likely don't have the "seize" issue. That makes for weird
> > and
> > unpredictable problems that might fit your circumstances though.
> >
> >> > For DNS check all of this:
> >> >
> >> >
> >> > DNS for AD
> >> > 1) Dynamic for the zone supporting AD
> >> > 2) All internal DNS clients NIC\IP properties must specify SOLELY
> >> > that internal, dynamic DNS server (set.)
> >> > 3) DCs and even DNS servers are DNS clients too -- see #2
> >> > 4) If you have more than one Domain, every DNS server must
> >> > be able to resolve ALL domains (either directly or
> > indirectly)
> >>
> >> Yep all of this checks out.
> >>
> >> Would you like to have a look at things? I could setup Remote
> >> Assistance,
> >> there could be something I am missing or don't understand. I could
give
> > you
> >> a call, my email is: josh.cady@xxxxxxxxxxxx if you want send me some
> > contact
> >> info.
> >>
> >> >
> >> > netdiag /fix
> >> >
> >> > ...or maybe:
> >> >
> >> > dcdiag /fix
> >> >
> >> > (Win2003 can do this from Support tools):
> >> > nltest /dsregdns /server:DC-ServerNameGoesHere
> >> > http://support.microsoft.com/kb/q260371/
> >> >
> >> > Ensure that DNS zones/domains are fully replicated to all DNS
> >> > servers for that (internal) zone/domain.
> >> >
> >> > Also useful may be running DCDiag on each DC, sending the
> >> > output to a text file, and searching for FAIL, ERROR, WARN.
> >> >
> >> >
> >> >
> >>
> >>
> >
> >
>
>


.

Relevant Pages

  • Re: Domain Controller Stops Processing All Login Requests Randomly
    ... do the repair and theoretically it should majically reboot to it's good ... application, dnsmgmt.msc, while the server was zombied and it caused an ... > But you seem pretty competent and if you have checked all of the DCDiag ... They are both holding the same exact zone. ...
    (microsoft.public.windows.server.dns)
  • Re: Domain Controller Stops Processing All Login Requests Randomly
    ... I backup the DCs and a few other servers using ... the grandfather-son-grandson backup scheme so not to worry on that, ... >> be after a repair. ... DCs that have died or been uninstalled. ...
    (microsoft.public.windows.server.dns)
  • Re: frustration with new computer
    ... > shows a bunch of messages including Master Boot Record Error. ... > Said the problem was spyware. ... > Should I take it back for repair. ... Backup your data and ask them to exchange the computer for a new one. ...
    (microsoft.public.windowsxp.hardware)
  • Re: Windows wont start!
    ... One way to fix the problem is to purchase a retail copy of XP media edition ... and use it to perform the repair installation. ... hard drives, ... Get a good backup program and do occassional backups of ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: dbcc repair_allow_data_loss
    ... You mean, that it's possible that data is lost and we do ... not have any information about this in the Log-File of the repair job? ... with a daily full backup and log backups every 15 mins. ...
    (microsoft.public.sqlserver.server)