Unable to Log Into Domain Controller after Reboot

JameyW911

We have two domain controllers in our environment. One runs Server 2012R2 and the other runs Server 2016. In addition to handling Active Directory duties, they also run DNS and DHCP. The 2012R2 server also runs Network Policy Server and hands out certificates. The 2012R2 is a physical server and the 2016 server is virtual in VMware.

Almost any time either server is rebooted, the issue shows up.

The issue is as follows: System is restarted using the restart option in Windows. Server appears to start normally. Press CTRL-ALT-DEL to get a login prompt. User is administrator (or any other domain admin account), enter password and hit enter or click the arrow. The cursor is moved back to the beginning of the password field and the previously entered password remains. Sometimes, the password is highlighted. Trying to RDP into the server fails. I can open services.msc and connect to the services on the server. Several Automatic start services are not started. When I try to start some of them, I get the message "Windows could not start the <Service Name Here> Service on ServerName. Error 0x800706d3: The authentication service is unknown." Others will display a message that says: "Windows could not start the <Service Name Here> Service on ServerName. Error 1115: A system shutdown is in progress." After multiple reboots (5 or more) and about an hour of elapsed time, it can be logged into.

Once in, looking at the event logs, in the Application Log there are a few Errors listed:

Event ID 4117 Could not initialize the MS DTC user interface server object

Event ID 4441 A MS DTC component has encountered an internal error. The process is being terminated. Error Specific: DtcSystemShutdown (com\complus\dtc\dtc\msdtc\src\msdtc.cpp@2506): Shutting down with an error.

I also see a number of Event ID 1001 from Windows Error Reporting - Event Name WindowsUpdateFailure3

Looking in the System Log, I see where Windows Update has been trying to install KB4052623 but keeps failing. I also see a few Event 1006: The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

I have everything back up and running but I don't dare install updates because it will want to reboot and I'll be in the same mess again.

Also, when it is in the state of not being able to be logged into, DHCP functions erratically or not at all and DNS doesn't answer requests although both services show to be running.
