Our company infrastructure is below .
Server Name | Operating System | Server Role |
CORPDC01.pooja.com | Win 2008 R2 | RollOver DC |
RODC02.pooja.com | Win 2008 R2 | RollOver DC |
RODC01.pooja.com | Win 2012 R2 | RollOver DC |
ADC03.pooja.com | Win Server 2012 R2 | RollOver DC |
PrimDC01.pooja.com | Win server 2008 R2 | Primary DC |
ADC01.pooja.com | Win server 2012 R2 | Additional DC |
ADC02.pooja.com | Win server 2012 R2 | Additional DC |
ADC03.pooja.com | Win server 2012 R2 | Additional DC |
Exchange01.pooja.com | Win Server 2008 R2 | Exchange Mailbox + CAS |
Exchange02.pooja.com | Win Server 2008 R2 | Exchange Mailbox + CAS |
Exchange03.pooja.com | Win Server 2008 R2 | Exchange Mailbox + CAS |
Few days ago . Our Primary Domain Controller named "PrimDC01.pooja.com" becomes hangs . Upon forcefully shutdown and then start , it stopped functioning properly .While check , we observed that FSMO roles were transferred to additional DC named "ADC01.pooja.com".After that we can add/remove users successfully in AD . Join workstations to AD successfully , however while joining any new Win Server 2008 R2 , its not joining to AD. DNS is not updating/adding records of newly joined workstations .
Exchange Server DAG is not connecting. Cluster Nodes are not communicating with each other. Throwing error of 'authentication problem'.
Emails flow stopped. No email send /receive .
We run AD health check and got this result .
Active Directory Health Check Result |
Identity | PingSTatus | NetlogonService | NTDSService | DNSServiceStatus | NetlogonsTest | ReplicationTest | ServicesTest | AdvertisingTest | FSMOCheckTest |
CORPDC01.pooja.com | Success | Running | Running | Running | NetlogonsFail | ReplicationsFail | ServicesFail | AdvertisingFail | FSMOCheckPassed |
RODC02.pooja.com | Success | Running | Running | Running | NetlogonsFail | ReplicationsFail | ServicesFail | AdvertisingFail | FSMOCheckPassed |
RODC01.pooja.com | Success | NetlogonsFail | ReplicationsFail | ServicesFail | AdvertisingFail | FSMOCheckFail | |||
ADC03.pooja.com | Success | Running | Running | Running | NetlogonsFail | ReplicationsFail | ServicesFail | AdvertisingFail | FSMOCheckPassed |
PrimDC01.pooja.com | Success | Running | Running | Running | NetlogonsFail | ReplicationsFail | ServicesFail | AdvertisingFail | FSMOCheckPassed |
ADC01.pooja.com | Success | NetlogonsFail | ReplicationsFail | ServicesFail | AdvertisingFail | FSMOCheckFail | |||
ADC02.pooja.com | Success | Running | Running | Running | NetlogonsFail | ReplicationsFail | ServicesFail | AdvertisingFail | FSMOCheckPassed |
ADC03.pooja.com | Success | Running | Running | Running | NetlogonsFail | ReplicationsFail | ServicesFail | AdvertisingFail | FSMOCheckPassed |
Result of netdom query fsmo command on "PrimDC01.pooja.com" is
List of domain controllers with accounts in the domain:
Access is denied.
The command failed to complete successfully.
Result of netdom query fsmo command on "ADC01.pooja.com" is
Schema master ADC01.pooja.com
Domain naming master ADC01.pooja.com
PDC ADC01.pooja.com
RID pool manager ADC01.pooja.com
Infrastructure master ADC01.pooja.com
The command completed successfully.
Result of nslookup command on "ADC01.pooja.com" is
DNS request timed out.
timeout was 2 seconds.
Default Server: UnKnown
Address: 172.20.4.29
>
Can any one here guide me whats wrong here and how can I handle this issue. Trying to restore thePrimDC01.pooja.com server with lastavailable system state backup , but restore fails . Now I am stuck what to do ?
We have run AD Health Check on "ADC01.pooja.com" below is the result
| Active Directory Health Check |
| Identity | PingSTatus | NetlogonService | NTDSService | DNSServiceStatus | NetlogonsTest | ReplicationTest | ServicesTest | AdvertisingTest | FSMOCheckTest |
| ADC02.pooja.com | Success | Running | Running | Running | NetlogonsPassed | ReplicationsPassed | ServicesPassed | AdvertisingPassed | FSMOCheckPassed |
| RODC02.pooja.com | Success | Running | Running | Running | NetlogonsPassed | ReplicationsPassed | ServicesPassed | AdvertisingPassed | FSMOCheckPassed |
| ADC03.pooja.com | Success | Running | Running | Running | NetlogonsPassed | ReplicationsPassed | ServicesPassed | AdvertisingPassed | FSMOCheckPassed |
| CORPDC01.pooja.com | Success | Running | Running | Running | NetlogonsPassed | ReplicationsPassed | ServicesPassed | AdvertisingPassed | FSMOCheckPassed |
| RODC03.pooja.com | Success | Running | Running | Running | NetlogonsPassed | ReplicationsPassed | ServicesPassed | AdvertisingPassed | FSMOCheckPassed |
| RODC01.pooja.com | Success | Running | Running | Running | NetlogonsPassed | ReplicationsPassed | ServicesPassed | AdvertisingPassed | FSMOCheckPassed |
Excahnge Server Problem Summary:
3Node DAG Cluster
- Node 1
Exchange01.pooja.com |
- Node 2
Exchange02.pooja.com |
- Node 3
Exchange03.pooja.com |
Issue facing:
- Cluster having issue (The Cluster network name is not online)
- RPC Server service not responding
- DAG malfunctioning
- Databases are down
- Outlook prompting for UID and PW from all users
- Trust relation issue on 1 Node as it gets restarted. Other two nodes are able to login through domain as they not restarted after the incident.
