Announcement

Collapse
No announcement yet.

Wierd AD problem with Virtual DCs

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Wierd AD problem with Virtual DCs

    OK -- this one has got me stumped -- its my home test network:
    Environment -- one physical DC
    Added a virtual DC (Server2003 on HyperV 2008 Enterprise box)
    Install of the OS went fine, as did join to domain
    DCPromo looked fine -- no errors, but on reboot it gave error
    Security Accounts Manager initialisation failed... Directory Service cannot start. Error Status: 0xc00002e1...
    Tried a couple of times with 2003 and 2008 virtual machines and got the same each time
    During this I went back to the physical DC, started in DSRM and ran all the integrity checks and did an authoritative restore -- still the same problem with the virtual DC (and yes, I did use different names and IPs and cleaned up AD between attempts

    Then... I installed another one on a different physical box (same ISO image, same - technet - product key) and the damn thing seems to be working perfectly!
    All I can think is it is a problem with the physical hardware (AMD Quad Core, 8Gb RAM) but WHY would this only show up when AD attempts to run?
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

  • #2
    Re: Wierd AD problem with Virtual DCs

    That does sound odd.

    Could you clarify your physical and virtual environment more?

    Here is what I think your set up is:

    You have three physical machines available, one running as a DC and one running hyperv, and another that you installed AD on to as a test. The hyperv machine is the AMD machine. This is the physical machine on which the vms are having AD problems.

    Can you install AD directly onto the physical AMD machine? Without anything else running. I am unsure if you have tried that already.

    mlum

    Comment


    • #3
      Re: Wierd AD problem with Virtual DCs

      Actually, the only time I have seen anything like this was when I restored a slightly out of date DC that was running in a VM. The highwater mark was out of sync with what the existing DC thought it should be. Therefore the restored DC just wouldn't run as a DC. Can anything like that be happening in your environment?

      mlum

      Comment


      • #4
        Re: Wierd AD problem with Virtual DCs

        Thanks for the reply:
        Physical DC -- old AMD 3000 (single core) 2 GB running Server 2003 R2 Ent SP2 on a RAID 1 array

        Physical HyperV -- AMD Phenom 9950 (2.6 GHz) Quad Core with 8 GB (4x2 RAM) and a RAID 5 array -- Server 2008 Datacentre x64 (Technet version). Dual NiCs, one for HyperV
        Running a virtual machine (single core, 2GB) with 2008 Datacentre and MOSS -- no issues here
        This is the box that caused the problems

        Physical AMD x64 4200+ (2.2 GHz Dual Core) with 4GB RAM and RAID 5 -- Server 2008 Enterprise (Technet). Mainly used for backups / WSUS
        This is the box I successfully installed the vDC on

        Everything patched fully (including September Patch Tuesday)

        The working vDC (on AMD x64) is Server 2008 Ent, 768Mb RAM, single core and one VHD (default settings)

        There is also an Exchange 2007 server in the environment on a separate physical box

        TBH I don't want to install AD on either of the physical boxes as IF it crashes, I will more or less have to do a complete reinstall. I have other physical kit and I am going to try moving a failed vDC to the good box to see what (if anything) goes on

        OK -- part 2
        Exported the failed vDC from the Phenom to the x64 box
        Restarted -- same error
        Restarted in DSRM, ran NTDSUtil Files Repair and Semantic Database Analysis fixup
        Deleted all log files
        Restarted in normal mode
        All OK
        Now away to dcpromo it down and try again on the Phenom box with a new built DC (pretty sure I did all that before but didnt document so worth another try)

        Anyone got any other advice -- esp hardware tests I could run
        Last edited by Ossian; 13th September 2009, 07:52.
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: Wierd AD problem with Virtual DCs

          Could you check the DC that is workings systems logs? Reboot the dodgy DC and check to see if anything is recorded in the good DCs logs. I'm pretty sure when I had a similar issue that the DC that was working logged error messages about the corrupt DC. Check the bad DC logs as well of course, if you haven't already

          My hunch is that this isn't hardware related but is there a way you could stick in another disk and install windows on that without affecting your current setup? Use and IDE disk, or stick in another SCSI/SATA controller?

          mlum

          Comment


          • #6
            Re: Wierd AD problem with Virtual DCs

            Check these out:

            http://support.microsoft.com/kb/875495/
            http://support.microsoft.com/kb/888794

            A

            Comment


            • #7
              Re: Wierd AD problem with Virtual DCs

              Here is a good page with info about potential problems which virtual DCs can face:

              http://technet.microsoft.com/en-us/l...8WS.10%29.aspx

              mlum

              Comment


              • #8
                Re: Wierd AD problem with Virtual DCs

                Perhaps its a driver issue? Some sort of corrupting of the IP header?
                GoogleFu is strong with this one ^

                Comment

                Working...
                X