Domain Controller Down (VM)
-
Do you have anything like Nagios or Zabbix in place monitoring your systems? Any aggregate log servers/services in place?
-
Locating a hosted VM's files: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1003880
-
@RamblingBiped No. I just started here not too long ago and was trying to resolve many issues that I saw initially. Obviously not fast enough though.
-
@wirestyle22 said in Domain Controller Down (VM):
@RamblingBiped No. I just started here not too long ago and was trying to resolve many issues that I saw initially. Obviously not fast enough though.
So is the domain down (only one domain controller) or is the domain itself still up? What is the urgency here? Is there impact at this point, or just a VM that should be fixed?
-
I have not had an active VMWare setup for over 2 years now, so i cannot help with details.
But if the console will not let it turn on, usually something is not found.
Browse the datastore manually and see if all the files exist
-
VMware says...
This issue occurs when:
- Permissions are not set correctly.
- There are virtual machine tasks running in the background.
- The .vmx file is corrupted.
- There are invalid arguments in the .vmx file.
-
Permissions are not set correctly
To troubleshoot this issue:
- Ensure there are sufficient permissions on the virtual machine. In vSphere Client, select the virtual machine. Click the Permission tab. Ensure that sufficient permissions are applied to the user/group.
- If permissions are defined at a host, cluster, datacenter or vCenter level, apply the required permissions to the user or group to edit the virtual machine settings.
-
@scottalanmiller said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@RamblingBiped No. I just started here not too long ago and was trying to resolve many issues that I saw initially. Obviously not fast enough though.
So is the domain down (only one domain controller) or is the domain itself still up? What is the urgency here? Is there impact at this point, or just a VM that should be fixed?
I'm assuming that there are other roles on here that he has not mentioned.
Because if it was only as DC, the FSMO roles mean nothing to clients in general day to day work.
-
@scottalanmiller said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@RamblingBiped No. I just started here not too long ago and was trying to resolve many issues that I saw initially. Obviously not fast enough though.
So is the domain down (only one domain controller) or is the domain itself still up? What is the urgency here? Is there impact at this point, or just a VM that should be fixed?
He has a second DC on the network. It is a Server 2008 based setup according to his first post.
-
I don't actually know how to fix this issue and am very stressed. Typing quickly as a result so please try to bear with me. A user called me and said she thought we had an internet outage. I checked my hypervisor and saw that the DC (2003) was greyed out and inaccessible. I'm assuming we must have had a domain syncing problem before this occurred, otherwise the other domain should have picked everything up as it is round robin. I attempted to disconnect my PC from the domain and reconnect. It claims there are no active directory controllers found.
-
Generally when you see issues like this it's because the vmdk is corrupt or not on the drive. In the VMWare console check the datastore and see if the vmdk is listed.
Either way generally the best bet is restore from backup.
-
@coliver It's not listed. Can't I use one domain as the primary (FSMO)? Why is that not an issue. I'm sure I'm not understanding something about this.
-
@wirestyle22 said in Domain Controller Down (VM):
@coliver Can't I use one domain as the primary (FSMO)? Why is that not an issue. I'm sure I'm not understanding something about this.
One domain as the primary? There is no more primary or secondary domain controller all of them are now master/master.
-
@coliver said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@coliver Can't I use one domain as the primary (FSMO)? Why is that not an issue. I'm sure I'm not understanding something about this.
One domain as the primary? There is no more primary or secondary domain controller all of them are now master/master.
Only one has FSMO roles though and that is the server that is down
-
@wirestyle22 said in Domain Controller Down (VM):
I don't actually know how to fix this issue and am very stressed. Typing quickly as a result so please try to bear with me. A user called me and said she thought we had an internet outage. I checked my hypervisor and saw that the DC (2003) was greyed out and inaccessible.
These two things are not even closely related.
I'm assuming we must have had a domain syncing problem before this occurred, otherwise the other domain should have picked everything up.
Why are you even thinking this? This has nothing to do with internet access.
I attempted to disconnect my PC from the domain and reconnect. It claims there are no active directory controllers found.
This is an action that I have never attempted with the FSMO DC offline. I have no idea how well it would work. This is not a proper troubleshooting step either way.
Use something like
echo %logonserver%from your domain joined desktop to see which system it logged on to. -
@JaredBusch said i
Use something like
echo %logonserver%from your domain joined desktop to see which system it logged on to.I think he said he can't get back on the domain.
-
@wirestyle22 said in Domain Controller Down (VM):
@coliver said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@coliver Can't I use one domain as the primary (FSMO)? Why is that not an issue. I'm sure I'm not understanding something about this.
One domain as the primary? There is no more primary or secondary domain controller all of them are now master/master.
Only one has FSMO roles though and that is the server that is down
That's fine. That shouldn't matter you can have the domain controller fail without issues for a little while. Generally a good amount of time as the Master/Master synchronization does its job.
-
@BRRABill said in Domain Controller Down (VM):
@JaredBusch said i
Use something like
echo %logonserver%from your domain joined desktop to see which system it logged on to.I think he said he can't get back on the domain.
Of course, he could try from another.
It certainly would be interesting to see what a "domain joined" machine reports back.
And if it can see the other DC.
@wirestyle22 ... can you see the other DC from other machines?
-
@coliver said
Either way generally the best bet is restore from backup.
Though use the recommended method since it is a DC. (Or just rebuild from scratch depending on what is on it.)
-
You are troubleshooting the wrong things. You just need to f[moderated]ng stop and go back to the beginning.
You had a report of internet outage and jumped to AD failures. This is the initial issue.
Forget about the damned DC.
Why is the user reporting internet issues. A down DC has nothing to do with that unless it has DHCP or DNS roles on it.
