- Users are not able to access shares on server
- unable to access netlogon and sysvol share on server
- unable to load or edit GPO’s
- DFS namespace seems to be broke on the domain controller
Decided to open a case with MS Support before restoring from backups.
- ‘netdom query dc’ – resulted in error
- net share
- \\localhost – failed to open shares on server
- \\server\sysvol – failed to open with ‘You might not have permissions to use this network resource’ The specified network name is no longer available.
- Advanced Settings in Network adapter, Provider Order, Symantec was at top, moved WIndows Network up to top priority
- netsh int tcp show global
- C:\ programdata, microsoft, crypto, rsa, machinekeys
- uninstall Symantec Endpoint Protection Client per MS support, and reboot
- gpupdate /force failed
- DIsabled SMB2 the correct way instead of through the registry, this resolved all issues after rebooting
Unlock region failure
Likely Network/Hardware error
I took on a customer that has been running into this error for about 4 months now. They have an SBS 2011 server. They have a mixed environment of both Windows 7 and Windows XP PC’s, however all the users running Sage are on Windows 7.
So far their HP switch has been replaced, and power management settings have been checked on the server and a workstation.
Server is an HP Proliant ML350 G6
NIC HP NC326i PCIe Dual Port – driver 18.104.22.168 (10 Feb 2012)
Update NIC to 22.214.171.124 (18 Feb 2014)
Questions to Ask
- When did the issue start? March 13th, end of February, begin March 1
- Who is affected, do they have logs of when it happens and where?
- Can they recreate the issue? No, computers get really slow before it happens
- Are the latest patches installed for Sage?
- How old is their network switch, are they running gigabit?
- When does the issue happen most often?
Things to check/try
List of users having the issue, all of them?
Go through event logs on server on 4/24/2014 to see what changed
Scan server for viruses and malware
Check firewall settings – firewall was on, disabled it
- Wireshark capture
Update NIC drivers on server ML350 G6
Disable HP power management on server, set maximum performance and static high performance, disable all Cstates
- Check for rouge hub or other network device
Check speeds on NIC’s, auto negotiate?
- Test cables with Fluke for EMI
- Switch server to use its other NIC
Disable interrupt moderation on NIC
Backups only run at 6AM and 6PM would not cause issues during day
Disable shadow copies
Run MalwareBytes to check for malware
No Windows Updates were installed around the time issue started happening
Update BIOS, from 5/5/2011 to latest version, 7/2/2013
Balanced Power and Performance, Dynamic Power Savings was set in BIOS
Changed above settings to maximum performance and disabled all Cstates
Disabled Flow Control on NIC, was at TX and RX
Priority and VLAN disabled, was enabled
Speed and duplex set to 1000Mb Full duplex, was set on auto negotiate
HP V1810 J9660A 48G switch was running firmware 1.15 which is known to cause switch lockups. Upgraded switch firmware to 1.18
Run HP Service Pack for Proliant (SPP) on server to upgrade firmware and BIOS of server
This started out as an issue with the 120 day grace period expiring. I went into the Remote Desktop Licensing Manager and added the Microsoft Open agreement with the RDS CAL’s.
I noticed there was a yellow explanation point in the RDS licensing screen, and had the following warning.
The license server is not a member of the Terminal Service License Servers group in Active Direectory Domain Services. The license server will not be able to issue RDS Per User CALs to users in the domain, and you will not be able to track or report the usage of RDS Per User CALs on this license server. Clicked Add to Group, Click Continue.
RD Connection Broker failed to process the connection request for domain/user
Remote Desktop Services failed to join the Connection Broker on server RDS.domain. Error: Current async message was dropped by async dispatcher, because there is a new message which will override the current one.
Remote Desktop Connection Broker Client failed while getting redirection packet from Connection Broker. Error: Element not found.
Remote Desktop Connection Broker Client failed to redirect the user domain\user. Error: NULL
Finding destination computer…
Troubleshooting with MS
- Create a test admin account, on the RDS server connected to ‘localhost’ and used test admin account, that worked fine.
- Modify Group Policy RDS Licensing, set name, and user CALs
- Restart RDS services
- Reboot Server
- Still getting error “Licenses are not available for this Remote Desktop Session Host server, and RD Licensing Diagnoser has identified licensing RD Session Host server.
- works with mstsc /admin which allows it to connect without certs
- Modified the group policies for licensing server, licensing mode
- Licensing issues still
- net stop termservlicensing
- c windows system32.lserver.old
- create new lserver folder, change permissions
- network service full control
- net start termservlicensing
- licmgr, add licesning again
- Delete all certificate entries from RCM key, reboot
- remove incorrect certificate in cert MMC
- Modify the following registry
- HKLM – System – Current Control Set – Control – Terminal Server – WinStations – RDP-TCP – Security Layer changed from 1 to 0
Removing Symantec Mail Security for Microsoft Exchange 6.5 (SMSMSE) for Microsoft Exchange 2010/2007 after Add or Remove Programs does not work
Manual removal script for Symantec Mail Security for Exchange (SMSMSE) for all versions