Badcaps.net Forum
Go Back   Badcaps Forums > Troubleshooting Hardware & Devices and Electronics Theory > Troubleshooting & Designing Networks
Register FAQ Calendar Search Today's Posts Mark Forums Read

 
Thread Tools Display Modes
Old 11-09-2013, 07:16 AM   #61
mmoore5553
Senior Member
 
Join Date: Oct 2013
City & State: louisville
My Country: United States
I'm a: Hobbyist Tech
Posts: 136
Default Re: Anyone Experienced with Server 2003 TS & AD ?

i would not clear the logs. Over time that will tell us a story on why and when.

I had one AD server that was so bad that it was having issues at a company i was called to do work on and everything pointed to an old virus that hit it and caused issues. I had to rebuild another one. I had no proof other than old registry entries and malware scan that showed too many issues.

how many people use to the server ? does this happen same time everytime ? Does it happen when people come in the day and everyone signs in in the morning at the same time ?

Just creating a backup AD server is easy and that might be the quickest thing to do even if you have a spare pc. I have ran one on an old pc until i fixed the old server. I am not sure 100 percent that is your issue but i know you can do it that way. AD is very lightweight.

The question in your thread is about what you can have running on AD server and TS server is hard to answer. I have run AD with TS server on it but I do not like doing that. The main reason is because AD controls everything and then if there is a problem with TS server you have to reboot. So at least AD and TS on two servers like you have. Then your questions about AD is that per say is where domain comes from and all your security and what you can and can not do.

The only thing that concerns me is that your have an antivirus server running on the same box. It is common but not best practice as AV can take down a server and run it resources very low.

I would move the antivirus server to a beefy pc or off the domain server.

The 2008 box could you raise itfrom the ashes and make it a Backup domain controller.

I will see if i can find a video or something to show you what to looking for.

Well building the AD server can be very quick as you have all the settings on the old one.

Last edited by mmoore5553; 11-09-2013 at 07:27 AM..
mmoore5553 is offline   Reply With Quote
Old 11-09-2013, 07:27 AM   #62
Toasty
Badcaps Veteran
 
Toasty's Avatar
 
Join Date: Jul 2007
City & State: East Coast, USA
Line Voltage: 220-221
I'm a: Professional Tech
Posts: 4,145
Default Re: Anyone Experienced with Server 2003 TS & AD ?

No A/V software is installed any longer (Post 56). I removed that a long time ago as it was always causing issues. It would update and scan when it felt like, usually in the middle of the day. Nor had it been upgraded to a newer (better) version.

We can have 20-30 people on plus network devices at any time during the day. I recall that it's a 50 seat license.

>>if you do not clear the logs I would not do that<<

? ? ?

Is that do or don't?

T
__________________
veritas odium parit
Toasty is offline   Reply With Quote
Old 11-09-2013, 07:30 AM   #63
mmoore5553
Senior Member
 
Join Date: Oct 2013
City & State: louisville
My Country: United States
I'm a: Hobbyist Tech
Posts: 136
Default Re: Anyone Experienced with Server 2003 TS & AD ?

Sorry i wrote that before coffee this morning. I rewrote my thread. I would not do that as that is the only clue we have into the past. I would first look at any warns or if you can extract log then do it.

That is a small network so that is good as you do not need a big computer to put AD on.
Also are we sure the sql database is not doing a backup or purge in the mornings ?

When does this usually happen ?
mmoore5553 is offline   Reply With Quote
Old 11-09-2013, 07:38 AM   #64
mmoore5553
Senior Member
 
Join Date: Oct 2013
City & State: louisville
My Country: United States
I'm a: Hobbyist Tech
Posts: 136
Default Re: Anyone Experienced with Server 2003 TS & AD ?

Also download hijackthis and run on all DC's I want to see what you have left over in the registry that might be causing an issue.

http://www.majorgeeks.com/files/details/hijackthis.html

do a system scan and save the log. After that upload the log files. Also have you ran malwarebytes just to be sure nothing in on it that might be causing the slow down when logging in. Just wondering as i run about three or four antivirus when you see that issue with people getting slow login or when you reboot and see preparing network connections.

Sorry if you have done all this but making sure it is not something basic we are missing first.
mmoore5553 is offline   Reply With Quote
Old 11-18-2013, 09:07 AM   #65
Toasty
Badcaps Veteran
 
Toasty's Avatar
 
Join Date: Jul 2007
City & State: East Coast, USA
Line Voltage: 220-221
I'm a: Professional Tech
Posts: 4,145
Arrow Re: Anyone Experienced with Server 2003 TS & AD ?

I did a log purge about a week ago. Rather issue-free over the past week until this AM. APP (201) server had a blank screen but did prompt for admin login. Never went any farther than the grey screen after 5 minutes. Shut down cold and restart. Back in operation.

Backup operation ran fine at 12:15 am and somewhere between then and 7:30 am they could not get in. I've zipped and attached the event logs for Application and System.

T
Attached Files
File Type: zip Toasty-Event-Logs.zip (8.0 KB, 3 views)

Last edited by Toasty; 11-18-2013 at 09:14 AM..
Toasty is offline   Reply With Quote
Old 11-18-2013, 10:13 AM   #66
mmoore5553
Senior Member
 
Join Date: Oct 2013
City & State: louisville
My Country: United States
I'm a: Hobbyist Tech
Posts: 136
Default Re: Anyone Experienced with Server 2003 TS & AD ?

Odd as the event log is not showing me some of the information because I am not on windows 2003 or because I am not on your network

The description for Event ID 10119 from source WinRM cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

If the event originated on another computer, the display information had to be saved with the event.


that is what it says so hard to track and only thing it shows is that it shut down at 948. Is there a way when you export that it saves all the information ?

I have dealt with WinRM errors before and they always pointing back to active directory or group policy.
mmoore5553 is offline   Reply With Quote
Old 11-18-2013, 10:57 AM   #67
Toasty
Badcaps Veteran
 
Toasty's Avatar
 
Join Date: Jul 2007
City & State: East Coast, USA
Line Voltage: 220-221
I'm a: Professional Tech
Posts: 4,145
Default Re: Anyone Experienced with Server 2003 TS & AD ?

I don't see any option other than save logs. Export as tab delimited is even less informative.

There is the Winlogon event 1218 @ 7:58 under Application where it could not contact Terminal Server. That was me trying to remote in.

I have 21 Warnings under System on TS (200) @ 6:54 am from Print regarding deletions and purges. This is the owner remoting in. This may be a trigger, but he does not go to APP (201).

I have 3 warnings under Application beginning at 7:39 pm last evening, at 1:39 am and 7:42 am today on MAIN (202):
Replication of license information failed because the License Logging Service on server lc-app.lifecare.com could not be contacted.

----------------

From MSDN blogs:

The WinRM service is unable to start because of a failure during initialization.

Additional Data
The error code is 1300.

To fix this, do the following:

Open secpol.msc
Navigate to Local Policies -- User Rights Assignment
Select the value "Generate Security Audits"
Add the user account to the list

The ability does not exist as the Add User or Group button is greyed out.

T
Toasty is offline   Reply With Quote
Old 11-18-2013, 11:01 AM   #68
mmoore5553
Senior Member
 
Join Date: Oct 2013
City & State: louisville
My Country: United States
I'm a: Hobbyist Tech
Posts: 136
Default Re: Anyone Experienced with Server 2003 TS & AD ?

If it is grayed out that means you are controlling it by group policy which is okay but you need to add that user that is controlling the service. I am not sure what you have but by default it usually is network service.

You need to add that person to group policy or check who you are using under services.

Printing via terminal services should have issues if you do not have local printer mapped. Or they are picking the wrong printer. Curious do you have a script running that kills the terminal sessions of the user at a specific time. That way the server is not holding onto server old sessions and taken up memory and resources ?
mmoore5553 is offline   Reply With Quote
Old 11-18-2013, 11:07 AM   #69
mmoore5553
Senior Member
 
Join Date: Oct 2013
City & State: louisville
My Country: United States
I'm a: Hobbyist Tech
Posts: 136
Default Re: Anyone Experienced with Server 2003 TS & AD ?

Also on windows 2003 there was an article on technet where you disabled license information. I had to do it our our 2003 servers.

http://social.technet.microsoft.com/...m=winservergen
mmoore5553 is offline   Reply With Quote
Old 11-18-2013, 11:13 AM   #70
mmoore5553
Senior Member
 
Join Date: Oct 2013
City & State: louisville
My Country: United States
I'm a: Hobbyist Tech
Posts: 136
Default Re: Anyone Experienced with Server 2003 TS & AD ?

Also as I was sitting here thinking about things. Have you shut off tcp chimney offloading on your servers ? I always do that for most of my servers as i have seen it cause issues before with databases, remote login , and just AD look up. I am not sure if this will help you but it is something i just normally shut off right away. Especially with an exchange server.
mmoore5553 is offline   Reply With Quote
Old 11-18-2013, 11:59 AM   #71
Toasty
Badcaps Veteran
 
Toasty's Avatar
 
Join Date: Jul 2007
City & State: East Coast, USA
Line Voltage: 220-221
I'm a: Professional Tech
Posts: 4,145
Lightbulb Re: Anyone Experienced with Server 2003 TS & AD ?

>>You need to add that person to group policy or check who you are using under services.<<

The error shows the User as N/A

Script runs at 11:30 pm that kicks all TS sessions. I had problems with clients not doing so and locking the database(s), making it impossible to backup. Did that last year.

I will investigate the printer bit. I think the ones called for are not mapped.

>>Have you shut off tcp chimney offloading on your servers ?<<

Google time. I don't have a clue on that one...?

License logging was off on TS. I now have it disabled MAIN & APP.

T
Toasty is offline   Reply With Quote
Old 11-18-2013, 12:05 PM   #72
mmoore5553
Senior Member
 
Join Date: Oct 2013
City & State: louisville
My Country: United States
I'm a: Hobbyist Tech
Posts: 136
Default Re: Anyone Experienced with Server 2003 TS & AD ?

well here is how to disable it but you can do a registry entry too

http://support.microsoft.com/kb/945977

Also this is a good article to help understand it a little bit.

http://www.symantec.com/business/sup...&id=TECH197934

You can still find the user if you look under services and then winRM if i remember right.
mmoore5553 is offline   Reply With Quote
Old 11-18-2013, 02:12 PM   #73
Toasty
Badcaps Veteran
 
Toasty's Avatar
 
Join Date: Jul 2007
City & State: East Coast, USA
Line Voltage: 220-221
I'm a: Professional Tech
Posts: 4,145
Default Re: Anyone Experienced with Server 2003 TS & AD ?

NT AUTHORITY\NetworkService

So, perhaps N/A means NT AUTHORITY instead of "not available"...?


Netsh int ip set chimney DISABLED

run on TS, APP, & MAIN. I will reboot overnight. Always with much trepidation...

T

Last edited by Toasty; 11-18-2013 at 02:14 PM..
Toasty is offline   Reply With Quote
Old 11-18-2013, 02:29 PM   #74
mmoore5553
Senior Member
 
Join Date: Oct 2013
City & State: louisville
My Country: United States
I'm a: Hobbyist Tech
Posts: 136
Default Re: Anyone Experienced with Server 2003 TS & AD ?

You will have to setup networkService up in the group policy. --odd it should have told you NetworkService and not N/A. That is very strange

yes that is the command you need to run. Well like i always said when rebooting a server - god bless this server ...

Last edited by mmoore5553; 11-18-2013 at 02:30 PM..
mmoore5553 is offline   Reply With Quote
Old 11-18-2013, 04:03 PM   #75
Toasty
Badcaps Veteran
 
Toasty's Avatar
 
Join Date: Jul 2007
City & State: East Coast, USA
Line Voltage: 220-221
I'm a: Professional Tech
Posts: 4,145
Default Re: Anyone Experienced with Server 2003 TS & AD ?

Have tried looking this up and can not edit anything to add the service. All buttons are greyed out. Am I on the wrong server?

T
Toasty is offline   Reply With Quote
Old 11-18-2013, 04:41 PM   #76
mmoore5553
Senior Member
 
Join Date: Oct 2013
City & State: louisville
My Country: United States
I'm a: Hobbyist Tech
Posts: 136
Default Re: Anyone Experienced with Server 2003 TS & AD ?

yep you are on the wrong server. I have to look up the command to see which server is sending out the GPO.
mmoore5553 is offline   Reply With Quote
Old 11-18-2013, 04:44 PM   #77
mmoore5553
Senior Member
 
Join Date: Oct 2013
City & State: louisville
My Country: United States
I'm a: Hobbyist Tech
Posts: 136
Default Re: Anyone Experienced with Server 2003 TS & AD ?

if you have windows 7 just install this on your pc. You might have to go into control panel and program and features and add windows feature and look for it

http://www.microsoft.com/en-us/downl...s.aspx?id=7887

this is the best way to work with group policy as you do not have to be on the server. Plus you will see tons more group policies you might have in place.

Last edited by mmoore5553; 11-18-2013 at 04:55 PM..
mmoore5553 is offline   Reply With Quote
Old 11-18-2013, 06:13 PM   #78
Toasty
Badcaps Veteran
 
Toasty's Avatar
 
Join Date: Jul 2007
City & State: East Coast, USA
Line Voltage: 220-221
I'm a: Professional Tech
Posts: 4,145
Default Re: Anyone Experienced with Server 2003 TS & AD ?

Ok. This means I have to be on the Local network/domain there, so from home this doesn't work. Every outside connection goes thru the SonicWall(s) via a specific URL. i.e. - https://remote.XYZ.com

I've been on both the APP & MAIN servers, and neither gives me the ability to add anything. Both are greyed out.

T

Last edited by Toasty; 11-18-2013 at 06:16 PM..
Toasty is offline   Reply With Quote
Old 11-18-2013, 06:22 PM   #79
mmoore5553
Senior Member
 
Join Date: Oct 2013
City & State: louisville
My Country: United States
I'm a: Hobbyist Tech
Posts: 136
Default Re: Anyone Experienced with Server 2003 TS & AD ?

odd as I am not sure why it is grayed out. It is only grayed out 1. if you are on the wrong server or 2. you are not a domain admin. Which i assume you are.
mmoore5553 is offline   Reply With Quote
Old 11-18-2013, 08:17 PM   #80
Toasty
Badcaps Veteran
 
Toasty's Avatar
 
Join Date: Jul 2007
City & State: East Coast, USA
Line Voltage: 220-221
I'm a: Professional Tech
Posts: 4,145
Default Re: Anyone Experienced with Server 2003 TS & AD ?

Sent you a PM.

T
Toasty is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



Badcaps.net Technical Forums 2003 - 2019
Powered by vBulletin ®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
All times are GMT -6. The time now is 12:53 PM.
Did you find this forum helpful?