D
Dvord Direwood
We had an AD crash which we couldn't recover from last month. We
couldn't recover because the consultant who installed the server did not
provide us with the password we would need to get in and repair it from
an alternate boot option.
As you can imagine, it's quite frustrating knowing that this happened,
yet we have no logs, or anything else in which to find out what really
happened.
In retrospect we could have spent more time trying to recover the logs,
but this was a production SBS2000 server, and we couldn't spend the
time, so we reinstalled and restored from tape.
Now that the dust has settled, I'm getting asked "why" a lot and I don't
have many answers.
Here are some of the events which I think might be related either
directly or indirectly, and I'm hoping that some of the more
knowledgable out there might have some better ideas as to what
happened...
5 weeks before the crash, we installed 2gb more memory in our server to
bring it up to 4gb to help with diminished performance from this SBS2000
server running all SBS services (ISA, ISS, F&P, Exch2k, SAV, etc.)
4 weeks before the crash, Exchange started having problems with
fragmented virtual memory. I began restarting the IS service when
warned about it. I was getting warned about once a week.
About 2 weeks before the crash, the netsky virus got past our defenses
and played some havoc with a few of the directories which are shared
out. That was the only virus found, and it was promptly scoured off.
The day of the crash, about 5 hours before, I created a group policy to
start running Windows Automatic Updates for all connecting clients.
Just 10 minutes before the crash, Exchange 2000 services stopped saying
there was a problem with Active Directory and the server would need to
be rebooted (should have left it running, it never came back after
that).
2 days after everything was restored, during a scheduled reboot, the
array controller (we're running raid 5) said there was a problem with
one of the drives. I powered the server off, then on, and no errors
were reported.
2 weeks after that, one of the drives died.
We still have virtual memory fragmentation issues which bring up error
messages in the app. log about once every 30 hours.
I finally got some support from management to spread the load off this
one server, but the question remains: why did AD crash? Was it because
of impending hardware failure of the disk? Was it the afteraffects of
some virus? Could some other virus have done this? Did the Exchange
virtual memory fragmentation lead to it? Or do I just have bad luck and
need to find another line of work?? LOL
Thanks for any help you can send me!
couldn't recover because the consultant who installed the server did not
provide us with the password we would need to get in and repair it from
an alternate boot option.
As you can imagine, it's quite frustrating knowing that this happened,
yet we have no logs, or anything else in which to find out what really
happened.
In retrospect we could have spent more time trying to recover the logs,
but this was a production SBS2000 server, and we couldn't spend the
time, so we reinstalled and restored from tape.
Now that the dust has settled, I'm getting asked "why" a lot and I don't
have many answers.
Here are some of the events which I think might be related either
directly or indirectly, and I'm hoping that some of the more
knowledgable out there might have some better ideas as to what
happened...
5 weeks before the crash, we installed 2gb more memory in our server to
bring it up to 4gb to help with diminished performance from this SBS2000
server running all SBS services (ISA, ISS, F&P, Exch2k, SAV, etc.)
4 weeks before the crash, Exchange started having problems with
fragmented virtual memory. I began restarting the IS service when
warned about it. I was getting warned about once a week.
About 2 weeks before the crash, the netsky virus got past our defenses
and played some havoc with a few of the directories which are shared
out. That was the only virus found, and it was promptly scoured off.
The day of the crash, about 5 hours before, I created a group policy to
start running Windows Automatic Updates for all connecting clients.
Just 10 minutes before the crash, Exchange 2000 services stopped saying
there was a problem with Active Directory and the server would need to
be rebooted (should have left it running, it never came back after
that).
2 days after everything was restored, during a scheduled reboot, the
array controller (we're running raid 5) said there was a problem with
one of the drives. I powered the server off, then on, and no errors
were reported.
2 weeks after that, one of the drives died.
We still have virtual memory fragmentation issues which bring up error
messages in the app. log about once every 30 hours.
I finally got some support from management to spread the load off this
one server, but the question remains: why did AD crash? Was it because
of impending hardware failure of the disk? Was it the afteraffects of
some virus? Could some other virus have done this? Did the Exchange
virtual memory fragmentation lead to it? Or do I just have bad luck and
need to find another line of work?? LOL
Thanks for any help you can send me!