Monday, November 16, 2009

A Different Kind of Exam Question

See if you can guess the solution for the following real incident:

Network consists of Windows Server 2008 Standard edition, and six Windows 7 clients. All are joined to a native 2008 Active Directory domain.  The router is a Linksys, which is also handling DHCP services. The server, router, and cable MODEM are plugged into a reliable UPS for the number of devices being used.  However, the UPS also has other devices plugged into the battery side, not the surge-protector-only side.

During a night of bad weather, the facility power drops out completely several dozen times in short succession.  Almost as if a light switch were being toggled on and off.  The UPS is carrying too many devices for the battery to power for more than a few seconds and soon devices on the UPS are powering off along with the facility.  To avoid potential hardware damage, the devices are shut off until the following day.

The next day, everything is powered back up and appears fine. Users are able to logon, but notice that the "Preparing your desktop" prompt takes almost 5 full minutes to finish.  Users then find that they are being prompted for credentials each time they attempt to browse shared folders on the server.

From all desktops, the server/domain controller can be pinged successfully and once credentials are entered they can browser and manage folders and files.

The System Event log on each client mentions that the desktop is no longer trusted by the domain.  The administrator performs a "reset" on a few computers in Active Directory, and then attempts to disjoin and rejoin the appropriate computers to the domain.  However, when they attempt to rejoin, they are prompted for credentials, but then presented with an error message indicating that the domain cannot be resolved by DNS and no DNS is available.  Tests on the domain controller itself indicate DNS, AD, Kerberos and all other services are operating properly.

The administrator decides to turn off the client firewall and attempt to join the computers again, but the same problem occurs again.  Then the administrator attempts to refresh the DHCP assignment using IPCONFIG /RELEASE and /RENEW.  The addresses are being assigned but only one of the two DNS server addresses are being applied on the clients. The DHCP server assigns one internal and one external (as a backup).  Only the external address was being applied.  Trying to log into the router resulted in failed logon attempts.  The router configuration had been corrupted sufficiently to break the administrative logon settings it seemed.

The solution is:

A) Rename the computers and attempt to join them as new accounts. Then
delete the former accounts from AD.

B) Specify a domain suffix for the IPv4 network connection properties,
and try to join the domain again.

C) Specify a static DNS address for the IPv4 network connection
properties, and try to join the domain again.

D) Reboot the router and try to join the domain again.

E) Reset and re-configure the router, refresh the IP assignments on the
clients, and try to join the domain again.

The Answer?  Post your best guess as a feedback.  I’ll post the real answer soon.

Post a Comment