Recently we had a power outage that was greater than 2 hours. We had to shutdown 8 out of 9 servers. I left 1 server, server6, running because it hosts web services we need 24/7. Once the power was back on, I tried to boot server1 and server2 first, considering server1 is the main operations master and server2 is our DNS server. Both of the systems were stuck at "Loading Network Connections" for about 10-20 minutes. Once the systems were booted, I logged in and the Event Viewer was filled with errors.
Server1 had:
The Security System detected an authentication error for the server LDAP/SERVER1. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
(0xc000005e)".
and
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.JVS.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
Server2 had:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'JVS.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
and
The Security System detected an authentication error for the server ldap/server2.JVS. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
(0xc000005e)".
I went into Active Directory Sites and Services and tried to connect to the JVS forest numerous times with failed attempts. Finally after about the 8th try, it found the forest and everything went back to normal. This gives me the feeling something is wrong with our domain. Is there any tests I can run to see what is wrong with our domain? Has anyone ever heard of this happening?
Every AD server should have DNS on it too. You probably ended up with a AD server that couldn't connect to the DNS server because the DNS server couldn't find the AD server to authenticate against.