No announcement yet.

Serious AD problems - Help!!!!!!

  • Filter
  • Time
  • Show
Clear All
new posts

  • Serious AD problems - Help!!!!!!

    I suddenly started having some serious AD issues which have now degenerated to the point where users cannot log in and Exchange will not work.

    Any help gratefully received as this has now been going on for 2 days!

    I have 2 DCs, Dyson and Sphere, each running windows server 2008- one is running hyper-v and one is a VM.
    I have recently been getting loads of errors to do with ntfrs, group policy failure, there is no sysvol or netlogon share appearing and exchange won't work.
    seems like a DNS issue but all the SRV entries appear to be there. I've already tried deleting and recreating the DNS files as well as the NTFRS jet files.
    each server is single-homed and only points to internal DNS. Forwarders are external ISP DNS.

    some other things.
    NETDOM QUERY <> commands fail on both DCs with error 'the specified domain either does not exist or could not be contacted'
    nltest / fails on both DCs with error 1355 0x54b ERROR_NO_SUCH_DOMAIN

    A DCDIAG will fail the Advertising test.

    On both DCs an NSLOOKUP can resolve the FQDN and netbios name of both servers. it will also return the ip addresses of both servers when the domain name is entered at the prompt.

    As I said before, any help is gratefully appreciated. I've attached the ipconfig and dcdiag files as well as the dns table.
    Attached Files

  • #2
    Re: Serious AD problems - Help!!!!!!

    Where did you get the idea that deleting jet files would help? You'll need to rebuild all the replica sets but since that wasn't even the cause of the problem you're probably FUBAR.


    • #3
      Re: Serious AD problems - Help!!!!!!

      It was earlier on in the process when I thought it was an ntfrs issue and was per the following article

      Anyway, I think the issue is DNS related.

      DsGetDCname fails on the DCdiag but manual NSLOOKUPS of all the _msdcs and SRV records succeed


      • #4
        Re: Serious AD problems - Help!!!!!!

        I am also having some very strange behaviour - the dcdiag intermittently passes the advertising test but without any changes to the configuration, a few minutes later it fails it.


        • #5
          Re: Serious AD problems - Help!!!!!!

          Try taking one of the DCs offline and seeing if you can fix the other, then building a new one
          (or if you have the option, restore the FSMO holder from backup and then build a second new DC

          So maybe replace Dyson+Sphere with Ring+World
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd

          ** Remember to give credit where credit is due and leave reputation points where appropriate **