Bizarre daily network dropouts

1

We have a Hyper-V-hosted Windows Server 2008 R2 Standard server with Remote Desktop Services that has a long-standing problem whereby, every day in the early hours of the morning, its networking runs into a lot of strange issues:

  1. Using Command Prompt to nslookup and ping FQDNs, both public (www.google.co.uk) and private (%domainControllerHostname%.%activeDirectoryDNSDomainName%), succeeds.
  2. Using Internet Explorer to browse to websites (http://support.me, https://www.google.co.uk, etc.) fails with errors:

    • Before advanced reset: "Cannot open the search page".
    • After advanced reset: "This page can't be displayed".

  3. Using Explorer to browse to the domain controller server fails with the error:

    "Network Error: Windows cannot access \\%domainControllerHostname%\"

  4. Using Explorer to browse to itself fails with the error:

    "\\127.0.0.1\ The name limit for the local computer network adapter card was exceeded".

  5. Using Command Prompt to run the command "nslookup -type=all _ldap._TCP.dc._msdcs.%activeDirectoryDNSDomainName%" succeeds.

  6. Error and warning events are logged:

Log Name: System
Source: Microsoft-Windows-GroupPolicy
Date: 14/07/2016 01:37:12
Event ID: 1055
Task Category: None
Level: Error
Keywords:
User: %activeDirectoryNetBIOSDomainName%\%activeDirectoryDomainAdministratorUsername%
Computer: %RDSServerHostname%.%activeDirectoryDNSDomainName%
Description:
The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Log Name: System
Source: Microsoft-Windows-TerminalServices-RemoteConnectionManager
Date: 14/07/2016 03:02:19
Event ID: 1061
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: %RDSServerHostname%.%activeDirectoryDNSDomainName%
Description:
Remote Desktop Session Host server was unable to retrieve users Licensing information from AD. Error 0x8007054b.

Log Name: System
Source: NETLOGON
Date: 14/07/2016 03:32:12
Event ID: 5719
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: %RDSServerHostname%.%activeDirectoryDNSDomainName%
Description:
This computer was not able to set up a secure session with a domain controller in domain %activeDirectoryNetBIOSDomainName% due to the following:
The RPC server is unavailable.
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.

ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

Log Name: System
Source: Microsoft-Windows-TerminalServices-Licensing
Date: 14/07/2016 03:35:38
Event ID: 4105
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: %RDSServerHostname%.%activeDirectoryDNSDomainName%
Description:
The Remote Desktop license server cannot update the license attributes for user "NOC_HelpDesk" in the Active Directory Domain "%activeDirectoryDNSDomainName%". Ensure that the computer account for the license server is a member of Terminal Server License Servers group in Active Directory domain "%activeDirectoryDNSDomainName%". If the license server is installed on a domain controller, the Network Service account also needs to be a member of the Terminal Server License Servers group.
If the license server is installed on a domain controller, after you have added the appropriate accounts to the Terminal Server License Servers group, you must restart the Remote Desktop Licensing service to track or report the usage of RDS Per User CALs.
Win32 error code: 0x8007203a

Log Name: System
Source: TermDD
Date: 14/07/2016 04:53:14
Event ID: 56
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: %RDSServerHostname%.%activeDirectoryDNSDomainName%
Description:
The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: 172.16.50.100.

Log Name: System
Source: TermDD
Date: 14/07/2016 04:53:24
Event ID: 50
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: %RDSServerHostname%.%activeDirectoryDNSDomainName%
Description:
The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client.

These issues can be temporarily resolved for approximately 24 hours by rebooting the server.

VMs hosted on the same Hyper-V host, and even on the same network and Active Directory domain, do not experience these problems.

    
by mythofechelon 23.09.2016 / 16:59

1 answer

0

After a lot of diagnostics (including cloning the VM to a different Hyper-V server, adding a 2012 R2 RDS server to the same AD domain, etc.), our Continuum NOC determined the cause.

Strangely, the Windows service A300_Service (TotalTimePlus application, version 7.00.0000) appears to be the cause: stopping it instantly resolves all issues without a reboot.

Here is the relevant section of their email containing more technical details:

I can see in the Process Explorer that this service is always trying to send the SYN packet to either of these IPs: 192.168.39.218:5010 or 192.168.37.180:5010. Once the SYN packet is sent might be acknowledged at the destination. The process gets completed.

Below is the Process Explorer Logs TCP-IP SnapShot

NETSTAT Logs: I was not able to see this Application packet requests at the time of failures. These are the logs when I killed the Process and re-executed the service from the Service Console.

[A300_Service.exe] TCP 192.168.38.4:55275 192.168.37.180:5010 SYN_SENT
[A300_Service.exe] TCP 192.168.38.4:55276 192.168.39.218:5010 SYN_SENT
[A300_Service.exe] TCP 192.168.38.4:55277 192.168.0.218:5010 SYN_SENT
[A300_Service.exe] TCP 192.168.38.4:55278 192.168.37.180:5010 SYN_SENT
[A300_Service.exe] TCP 192.168.38.4:55279 192.168.39.218:5010 SYN_SENT

    
by 23.09.2016 / 16:59
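
The netstat excerpt in the answer can be triaged mechanically. The following is an added example, not part of the original post or the NOC's tooling: it parses lines in the layout quoted above and reports which process holds sockets stuck in SYN_SENT and which endpoints they target. The function names, the `threshold` value and the final `svchost.exe` sample line are assumptions made for illustration.

```python
import re
from collections import Counter

# The first five lines are the netstat excerpt quoted in the answer; the last
# line is constructed here to show that healthy connections are ignored.
SAMPLE = [
    "[A300_Service.exe] TCP 192.168.38.4:55275 192.168.37.180:5010 SYN_SENT",
    "[A300_Service.exe] TCP 192.168.38.4:55276 192.168.39.218:5010 SYN_SENT",
    "[A300_Service.exe] TCP 192.168.38.4:55277 192.168.0.218:5010 SYN_SENT",
    "[A300_Service.exe] TCP 192.168.38.4:55278 192.168.37.180:5010 SYN_SENT",
    "[A300_Service.exe] TCP 192.168.38.4:55279 192.168.39.218:5010 SYN_SENT",
    "[svchost.exe] TCP 192.168.38.4:49155 192.168.38.10:389 ESTABLISHED",
]

# "[process] TCP local:port remote:port STATE", the layout used in the answer.
LINE_RE = re.compile(
    r"^\[(?P<proc>[^\]]+)\]\s+TCP\s+(?P<laddr>\S+):(?P<lport>\d+)\s+"
    r"(?P<raddr>\S+):(?P<rport>\d+)\s+(?P<state>[A-Z_0-9]+)$"
)

def parse(lines):
    """Return one dict per well-formed TCP line; skip anything else."""
    rows = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            rows.append(m.groupdict())
    return rows

def syn_sent_summary(rows):
    """Per process: number of SYN_SENT sockets, remote endpoints, local ports."""
    out = {}
    for r in rows:
        if r["state"] != "SYN_SENT":
            continue
        s = out.setdefault(r["proc"], {"count": 0, "remotes": Counter(), "lports": []})
        s["count"] += 1
        s["remotes"][r["raddr"] + ":" + r["rport"]] += 1
        s["lports"].append(int(r["lport"]))
    return out

def suspects(summary, threshold=3):
    """Processes with at least `threshold` (assumed value) unanswered attempts."""
    return sorted(p for p, s in summary.items() if s["count"] >= threshold)

if __name__ == "__main__":
    summary = syn_sent_summary(parse(SAMPLE))
    for proc in suspects(summary):
        s = summary[proc]
        print(proc, s["count"], dict(s["remotes"]), min(s["lports"]), max(s["lports"]))
```

On the excerpt from the answer, every attempt uses a new local port (55275 through 55279) and none has left SYN_SENT.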