Mombu the Microsoft Forum sponsored links

Go Back   Mombu the Microsoft Forum > Microsoft > 2003 DFS Freeze
User Name
Password
REGISTER NOW! Mark Forums Read

sponsored links


Reply
 
1 22nd June 17:50
bc-w2k3s bˬ*h(~(
External User
 
Posts: 1
Default 2003 DFS Freeze


I have 3 2003 Standard Servers on the network. 2 are DC, 1 is DevBox. One DC
is a FileServer/PDC. The other is an Exchange Box/Web Server.
Our small network is a mix of 2000 Pro and xp Pro workstations.
Over the past 10 months of sleuthing, I've been running down a recurring
problem that locks up the Windows Explorer functions. Alternative access
methods still work...such as Remote Desktop. Windows Explorer functions until
any type of network link is focused. It took about 6 months to work out that
the freeze can be reset by simply restarting the DFS on the FileServer.
It was not until just a couple of weeks ago that I discovered that the
culprit is somehow tied to the 2000 Pro workstations when they access 2000
Office files located on network shares. I can regularly duplicate this on a
random assortment of 2000 workstations. I can NOT make it occur on an XP Pro
workstation. To make it occur, as an example, open and close and Excel file 5
times. On the fifth time, DFS will lockup on the file server and require a
restart. Windows Explorer Service will be completely frozen out, too. And,
when that happens, anyone on the network who attempts to access shares to the
fileserver will lose access to the explorer service.
DFS was enabled by default. However, we have never used it, set it up and
have had no luck in finding out what the link is.
We have tinkered only minorly with the DFS settings. We discovered that, if
disabled/stopped, the logon scripts ceased to run when our users logged onto
the system.

We are talking about a network of less than 30 workstations. Half are XP
Pro, Half are 2000 Pro. Is there a registry setting that needs to be set on
the 2K machines? Every machine in the house is updated, cleaned of viruses
and spam/adware.
Any help would be appreciated.
Thanks!
  Reply With Quote


  sponsored links


2 22nd June 17:50
glenn l
External User
 
Posts: 1
Default 2003 DFS Freeze


You need the DFS service running on the DC for the SYSVOL referrals. XP and
W2K will use the DFS service to get DFS referals to the SYSVOL replica
members. SYSVOL is actually a domain based DFS root. If you type
\\domainFQDN\SYSVOL , it will utilize the DFS service on the DC to refer you
to a DC that hosts SYSVOL.
It must stay running.

Are there any errors on the W2K boxes or the file server when the issue is
reproduced?
Do you have antivirus running on the file server? Try disabling it and
attempt to reproduce the issue.

This sounds like a good candidate for a Microsoft PSS case.

--
Glenn L
CCNA, MCSE 2000/2003 + Security
  Reply With Quote
3 22nd June 17:50
bc-w2k3s bˬ*h(~(
External User
 
Posts: 1
Default 2003 DFS Freeze


I neglected to mention that. I tried disabling the antivirus program on the
server last week. After turning it off, I uninstalled it and rebooted the
server.
I tried the \\domain\sysvol. It erred: "The network path was not found."
Now, here's a question. When the servers were setup, we never touched DFS.
It wasn't something we'd ever needed to concern ourselves with because
everything was on a single DC. Did we miss the boat? In looking at DFS, even
the root is undefined. I tried 'Show Root' and tpying in the
\\domain\sysvol\. "The specified DFS root does not exist." was the reultant
message.
As this was not configured past what the default installation would have
done, should we now?
Thanks Glen
  Reply With Quote
4 30th June 18:26
glenn l
External User
 
Posts: 1
Default 2003 DFS Freeze


\\domain\sysvol is a special DFS root setup when you install your first DC.
It is not a managable DFS root from the DFS snapin.

Where are you trying \\domain\sysvol when it errors out with network path
not found?
Is the DFS service running on the DC (and not frozen) when you try
\\domain\sysvol ?


--
Glenn L
CCNA, MCSE 2000/2003 + Security
  Reply With Quote
5 30th June 18:26
bc-w2k3s bˬ*h(~(
External User
 
Posts: 1
Default 2003 DFS Freeze


I remoted in to the fileserver. And, from there, opened up a command prompt
and typed it in. I tried it a few different ways to make sure I was doing it
correctly.
\\domain\sysvol
\\server\sysvol
\\server.domain.com\sysvol
\\domain.com\sysvol
I even looked on the system to make sure the services and operations master
and misc info was functioning. Checked out. I ran a netdiag and came up with
no errors. The only events that get logged are the reset dfs service events.
I have tried various system monitors to no avail.
Standing at the server itself, in full explorer lockdown mode. I can say
that the CPU is running at 2-3% and minimal memory usage consistently. Dual
P4s and 1G Ram on 15 month old board.
Both the XP and the 2000 workstations use the same version of Office 2000
Pro. Yet, only the 2000 workstations trigger the DFS lockdown. I might add
that the DFS does fix itself after about 10 minutes if it is not manually
restarted. Considering the 10 timeout is a default in 2003 server, it seems
to me that there is an 'unlisted' service that the system waits to fail
before it continues. Is there a way to get the server to report what services
are currently waiting? or trying to run? I've watched the Task Manager while
I reset the DFS, nothing happens there, either.
I'm about at the point of throwing caution to the wind and loading up that
new service pack. Of course...being a production server...I'm not quite that
crazy...yet.
  Reply With Quote
6 30th June 18:26
glenn l
External User
 
Posts: 1
Default 2003 DFS Freeze


run a DCDIAG /v and post the results to this thread.


--
Glenn L
CCNA, MCSE 2000/2003 + Security
  Reply With Quote
7 30th June 18:26
bc-w2k3s bˬ*h(~(
External User
 
Posts: 1
Default 2003 DFS Freeze


I ran the test and had it export to a log file. I then ran it again while
dfs was frozen. They came up as identical logs. For reference, I renamed the
servername to Server1 and domain to DomainName.

Domain Controller Diagnosis

Performing initial setup:
* Verifying that the local machine Server1, is a DC.
* Connecting to directory service on server Server1.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site\Server1
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... Server1 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site\Server1
Starting test: Replications
* Replications Check
* Replication Latency Check
DC=ForestDnsZones,DC=DomainName,DC=com
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=DomainName,DC=com
Latency information for 2 entries in the vector were ignored.
2 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
CN=Schema,CN=Configuration,DC=DomainName,DC=com
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
CN=Configuration,DC=DomainName,DC=com
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
DC=DomainName,DC=com
Latency information for 3 entries in the vector were ignored.
3 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
......................... Server1 passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
DC=TAPI3Directory,DC=DomainName,DC=com
(NDNC,Version 2)
* Security Permissions Check for
DC=ForestDnsZones,DC=DomainName,DC=com
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=DomainName,DC=com
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=DomainName,DC=com
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=DomainName,DC=com
(Configuration,Version 2)
* Security Permissions Check for
DC=DomainName,DC=com
(Domain,Version 2)
......................... Server1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... Server1 passed test NetLogons
Starting test: Advertising
The DC Server1 is advertising itself as a DC and having a DS.
The DC Server1 is advertising as an LDAP server
The DC Server1 is advertising as having a writeable directory
The DC Server1 is advertising as a Key Distribution Center
The DC Server1 is advertising as a time server
The DS Server1 is advertising as a GC.
......................... Server1 passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=Server1,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=DomainName,DC=co m
Role Domain Owner = CN=NTDS
Settings,CN=Server1,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=DomainName,DC=co m
Role PDC Owner = CN=NTDS
Settings,CN=Server1,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=DomainName,DC=co m
Role Rid Owner = CN=NTDS
Settings,CN=Server1,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=DomainName,DC=co m
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=Server1,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=DomainName,DC=co m
......................... Server1 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 4105 to 1073741823
* Server1.DomainName.com is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1105 to 1604
* rIDPreviousAllocationPool is 1105 to 1604
* rIDNextRID: 1178
......................... Server1 passed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/Server1.DomainName.com/DomainName.com
* SPN found :LDAP/Server1.DomainName.com
* SPN found :LDAP/Server1
* SPN found :LDAP/Server1.DomainName.com/DomainName
* SPN found
:LDAP/dc630939-c045-4265-bebd-edc2eaa2740a._msdcs.DomainName.com
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/dc630939-c045-4265-bebd-edc2eaa2740a/DomainName.com
* SPN found :HOST/Server1.DomainName.com/DomainName.com
* SPN found :HOST/Server1.DomainName.com
* SPN found :HOST/Server1
* SPN found :HOST/Server1.DomainName.com/DomainName
* SPN found :GC/Server1.DomainName.com/DomainName.com
......................... Server1 passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... Server1 passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
Server1 is in domain DC=DomainName,DC=com
Checking for CN=Server1,OU=Domain Controllers,DC=DomainName,DC=com
in domain DC=DomainName,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=Server1,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=DomainName,DC=co m
in domain CN=Configuration,DC=DomainName,DC=com on 1 servers
Object is up-to-date on all servers.
......................... Server1 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... Server1 passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... Server1 passed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15
minutes.
......................... Server1 passed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... Server1 passed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)

CN=Server1,OU=Domain Controllers,DC=DomainName,DC=com and backlink on


CN=Server1,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=DomainName,DC=co m

are correct.
The system object reference (frsComputerReferenceBL)

CN=Server1,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=DomainName,DC=com

and backlink on CN=Server1,OU=Domain
Controllers,DC=DomainName,DC=com are

correct.
The system object reference (serverReferenceBL)

CN=Server1,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=DomainName,DC=com

and backlink on

CN=NTDS
Settings,CN=Server1,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=DomainName,DC=co m

are correct.
......................... Server1 passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences

Running partition tests on : TAPI3Directory
Starting test: CrossRefValidation
......................... TAPI3Directory passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... TAPI3Directory passed test CheckSDRefDom

Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom

Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : DomainName
Starting test: CrossRefValidation
......................... DomainName passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainName passed test CheckSDRefDom

Running enterprise tests on : DomainName.com
Starting test: Intersite
Skipping site Default-First-Site, this site is outside the scope

provided by the command line arguments provided.
......................... DomainName.com passed test Intersite
Starting test: FsmoCheck
GC Name: \\Server1.DomainName.com
Locator Flags: 0xe00001fd
PDC Name: \\Server1.DomainName.com
Locator Flags: 0xe00001fd
Time Server Name: \\Server1.DomainName.com
Locator Flags: 0xe00001fd
Preferred Time Server Name: \\Server1.DomainName.com
Locator Flags: 0xe00001fd
KDC Name: \\Server1.DomainName.com
Locator Flags: 0xe00001fd
......................... DomainName.com passed test FsmoCheck
  Reply With Quote
Reply


Thread Tools
Display Modes




Copyright 2006 SmartyDevil.com - Dies Mies Jeschet Boenedoesef Douvema Enitemaus -
666