| Contains Resolution: |
|
|
The symptoms that we encountered with this error were Authentication failures and AD Communication Errors. This was most likely because DNS was failing to resolve the domain name. We have two DNS servers, one on each domain controller. We initially thought the secondary DNS Server was the problem DC because of the High CPU. But after failing to make a connection to the primary via Active Directory Users and Computers we determined it was not the secondary. The Event Logs on the primary contained the 4016 event Ids. We believe clients at some point were beginning to fail over to the second DNS server in there DNS Server list putting heavy load on the secondary server.We resolved the issue by restarting the DNS service. The service did not successfully stop and we had to Kill the DNS.exe process. The service then started successfully and proper DNS and AD functionality returned.Follow-up notes: It was later determined that the root cause was a large number of user and computer accounts (200+) all at once being added to a security group causing the Infrastruture Master to be overworked. The Directory Services log included the following events:
1)
ID - 2094,
Source - NTDS Replication,
Description - Performance warning: replication was delayed while applying changes to the follwoing object...2)
ID - 1792
Source - NTDS Database
Description - A transaction lasts 39 minutes and 41 seconds, much longer thabn expected.
|
|
|
|