I have a Windows Server 2008 R2 installation that is acting as a DC. It has been operational without any problems since late August. All of a sudden, UNC share access experiences an issue where no-one (clients or the DC itself) can access the DC's shares. A reboot of the computer resolves the issue for a minimum time 24-hours, at which time UNC fails again. When this occurs, DNS appears to be fine, routing is fine, I can remote in the server by its FCDN, etc. There are no log entries that really indicate that there is a problem until clients and even the DC itself try to refresh Group Policy, which is accessed via a UNC share.
I realize that details are scant, so if you have any troubleshooting information I can go dig up and post, I would appreciate it.
"Windows Server 2008 network shares may become unresponsive with Symantec Endpoint Protection 11 or Symantec AntiVirus 10.2 client installed and Auto-Protect enabled."
From here.
Have been conducting my own additional research and found this article:
Windows 2008 Server Network Connectivity Problem:
I noticed my drivers were the Microsoft installed versions. I also found that my NIC manufacturer had more specific (and recent) versions of the NIC drivers, so I have loaded those. It has been a few days; so far so good. I'm not calling this one solved, so we'll see what the next few days bring...
Any updates applied about the time it started having this trouble?
Check that following services are up and running on the server:
They should be dealing with sharing...
EDIT:
Try to check also all dependences to Network Discovery, like:
* Function Discovery Resource Publication
* SSDP Discovery
* UPnP Device Host
Did you adjust the server clocks for Daylight Savings? You might be off by an hour.
Please define "no one can access". What is the exact error message/problem....permission denied, shares not visible, server not found, etc?
In your example \\domain.local\sysvol being inaccessible, is DFS in use?
Have you done the previously suggested test of \\127.0.0.1\Share from the server itself?
This might seem obscure since you can do pretty much everything except SMBFS on the server, but - have you tried moving the server to a different switch port? A confused switch ARP stack can create many weird problems. I've had similar problems before (especially when doing trunking), and my only solution was to hard-reset our switches.
The Server service allows shares to be accessible. So you indicated that the server service is up and running and that client and the DC itself cannot connact to the shares.
Do you have a firewall configured? if the clients cannot connect to the shares you could try portqryv2 on the server itself to confirm that the ip ports are open, these ports are 137,138,139, and 445. Is NBT enabled?
Is the DC internet facing?
Also try turning up the logging to find out if there are any errors you're not specifically picking up. It could be that you have a virus which may be causeing a buffer overflow on the TCP stack.
What does the output of "net share" say when you run it from the cmd.exe?
Are all the shares which should be there actually appearing?