No announcement yet.

Conficker and DC hangs

  • Filter
  • Time
  • Show
Clear All
new posts

  • Conficker and DC hangs

    HI Experts,

    I am having kind of a confusing issue. we are running Server 2003 R2 Active Directory in our environment and 3 root DCs and 8 child DCs. in 2009 January we were being hit by the Conficker worm and now we are running clean.

    But time to time some of child DC's are hang out and no response, RPC errors are appearing and the same time replication errors as well. Hard boot / reset is the only option for me now.

    someone please guide me to find the root cause such errors and rectify such issues.

    Thank you and best regards.

  • #2
    Re: Conficker and DC hangs

    The more info you can provide the more the members here can help. Network set-up/diagram, configuration, any errors within event viewer etc


    • #3
      Re: Conficker and DC hangs

      Please configure AD plus Dump to find the root cause of the issue.

      3) ADPLUS hang dump of AD process:
      In order to use the adplus.vbs, here are the suggested steps:
      1. Download the Debugging tool from the link given below:

      For Windows 32-bit Version : Current Release version - April 29, 2008 Install 32-bit version [17.5 MB]

      2. Install the Debugging Tools for Windows under the default folder / default location shown by the debugger. (Default is >> %SystemDrive%\Program Files\Debugging Tools for Windows) on the Host server.
      3. Create a directory called C:\ADPLUS.
      4. Determine the Process ID <PID > of the process that you wish to monitor by looking at the < Process > tab in task manager, you will need this later.
      (Task Manager > View > Select Columns > Check the box “PID” if the PID are not shown on the processes tab).
      5. Open a command prompt and change the directory to location where debugging tools are installed.
      (Default is >> %SystemDrive%\Program Files\Debugging Tools for Windows). < ADPLUS.VBS > is in this default location.
      6. Type the following: “ cscript adplus.vbs -hang -p PID -o c:\adplus “ (without the quotes, where PID is the number you determined in step 2).
      7. Do not interfere with the windows that are when the tool is running. Just let it run minimized. You will not be able to log off the system while you are monitoring.
      8. When the service hang occurs, the dump will be written.
      9. Once the dump is generated, zip the “c:\adplus” directory and send it to the Application Vendor for analysis (to check why the service hung).
      For more information please see refer to this Knowledge Base article : 286350 HOWTO: Use Autodump+ to Troubleshoot "Hangs" and "Crashes" :
      Note: Please ignore the _NT_SYMBOL_PATH warning message.
      The above command will generate a memory dump.

      The dump file will be in the folder like Hang_Mode__Date_dd-mm-yyyy__Time_hh-mm-ssPM