Charlie, is it possible that you were having problems at a lower level in the stack?
DHCP should check every 60 minutes by default IIRC. If it loses connectivity, it should check every 5 minutes (default) for the AD. But I don't recall a limit on the number of retries and it sounds like authorization was fine since it was handing out addresses on it's local subnet. Al -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Kaiser Sent: Tuesday, November 02, 2004 9:08 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] DHCP authorization problem I'm going to test it again by yanking the ethernet cable after hours and seeing if the same problem returns. I'm still not convinced there isn't a core switch config or code issue. I have seen this happen before; that's why I knew to bounce the service. We're going to keep looking at it. The only other thing running on that box is WINS... ********************** Charlie Kaiser MCSE, CCNA Systems Engineer Essex Credit / Brickwalk 510 595 5083 ********************** > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Robert > Rutherford > Sent: Tuesday, November 02, 2004 1:23 AM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] DHCP authorization problem > > If you had local connection (same subnet) connection to a DC and DNS > then I can't think of any reason why your problem would occur ....It's > also strange that the DHCP server was serving to its own subnet and > not to others. > > I would just it put it down to a 'one off' and wouldn't be too > concerned. If you could do a switch bounce again and test it then > fine. > > Out of interest, what else runs on the DHCP server? > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Charlie > Kaiser > Sent: 02 November 2004 00:47 > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] DHCP authorization problem > > 1. Yes. > 2. Yes. > 3. Cisco 3640 and 2620s, with a 4006 core switch doing Layer > 3 routing. > 4. Cleanup on the configs, code updates, additional security; stuff > like that. We went over the configs this AM and everything looked > fine, and once I restarted DHCP, all the subnets got addresses just > fine. > 5. Yes. I check that one regularly. :-) > > I don't even mind that the DHCP server unauthorized, but it would have > been nice if it could reauthorize, or at least show me something that > indicated it had unauthorized. When I looked in the MMC, it gave me an > option to unauthorize, so I assumed (I know) it was still authorized. > Made a stupid mistake, though; I didn't check the system log when I > realized we had a problem. Would have found it much faster. > > Is the unauthorizing when DC comms go down behavior by design? > > ********************** > Charlie Kaiser > MCSE, CCNA > Systems Engineer > Essex Credit / Brickwalk > 510 595 5083 > ********************** > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Robert > > Rutherford > > Sent: Monday, November 01, 2004 3:45 PM > > To: [EMAIL PROTECTED] > > Subject: RE: [ActiveDir] DHCP authorization problem > > > > A few question.... completely firing in different directions but may > > lead to a cause :- > > > > 1) I take it your routers are relaying DHCP, not agents? > > 2) Is there a local DC in the same subnet as the DHCP server? > > 3) What are the routers? I've seen different routers play games with > > DHCP relays. > > 4) What was the maintenance? > > 5) Are all your DCs running clean on DCDIAGS ( I know I always ask > > that question, but identifies obvious config issues at times) > > > > Rob > > > > ________________________________ > > > > From: [EMAIL PROTECTED] on behalf of Charlie Kaiser > > Sent: Mon 01/11/2004 21:23 > > To: [EMAIL PROTECTED] > > Subject: [ActiveDir] DHCP authorization problem > > > > > > > > I had an odd one over the weekend. We did some network maintenance > > that included a core switch bounce. Down for about 5 minutes. We > found out > > this morning that DHCP wasn't working on any subnets except for the > > one that the DHCP server was on. We had made switch and router code > > and config changes, so we looked to that as a solution, but with no > > success. > > I remembered something from a while back where I had a > similar problem > > and restarted the DHCP service. This corrected the issue. > Apparently, > > the DHCP server had lost authorization from AD when the core switch > > went down. Event ID 1059; "The DHCP service failed to see a > > directory server for authorization." I would have expected it to > > reauthorize once connectivity was restored, however. But it didn't. > > I had to restart the service manually. > > Is this normal? I would expect that DHCP authorization would be able > > to recover from a short loss of connectivity. > > Any pointers to a way to prevent this from happening again? > > Thanks! > > > > ********************** > > Charlie Kaiser > > MCSE, CCNA > > Systems Engineer > > Essex Credit / Brickwalk > > 510 595 5083 > > ********************** > > List info : http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > ============================================================== > > ========= > > Scanned for virus infection by Messagelabs > > ============================================================== > > ========= > > > > > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > ============================================================== > ========= > Scanned for virus infection by Messagelabs > ============================================================== > ========= > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
