server 2012 r2 event id 18456

Duncan McDonald 21 Reputation points
2021-04-22T22:09:17.007+00:00

A DC running 2012 r2 has a continuous error in event viewer 'Application'
The log is;
Source: MSSQL$MICROSOFT##WID
Event ID: 18456
Task Category: Logon
Level: Information
Keywords: Classic,Audit Failure
User: NETWORK SERVICE
Computer: DC2.Domain
Description:
Login failed for user 'NT AUTHORITY\NETWORK SERVICE'. Reason: Failed to open the explicitly specified database 'RdCms'. [CLIENT: <named pipe>]
Security UserID="S-1-5-20"

The user 'NT AUTHORITY\NETWORK SERVICE' is set to logon as a service

DC2 does not provide the broker service for RDC nor does its partner DC1. A separate 2008 r2 which is used for data and application purposes provides RDC

SQL Management does not connect to any dBase

The real problem here is that the BMR backup is now failing

Suggestions to sort would be appreciated

Windows for business | Windows Server | Devices and deployment | Set up, install, or upgrade
Windows for business | Windows Server | User experience | Other
0 comments No comments
{count} votes

5 answers

Sort by: Most helpful
  1. Anonymous
    2021-04-22T22:38:41.533+00:00

    Sounds like an abundance of corruption. The safer / cleaner method would be to stand up a new one for replacement.

    I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2012, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.

    --please don't forget to Accept as answer if the reply is helpful--

    0 comments No comments

  2. Anonymous
    2021-04-23T03:30:47.31+00:00

    Hi,
    Before going further, you can check the status of the DCs and the replication in the domain.
    Following command for your reference:
    Dcdiag /v >c:\dcdiag1.log
    Repadmin /showrepl >C:\repl.txt
    Repadmin /showreps * 
    If there are any progress, welcome to update here!
    Best Regards,

    0 comments No comments

  3. Anonymous
    2021-04-23T13:04:22.267+00:00

    Any progress or updates?

    --please don't forget to Accept as answer if the reply is helpful--


  4. Duncan McDonald 21 Reputation points
    2021-04-28T07:56:05.417+00:00

    I work in a production environment which does not permit experimentation and changes without first planning. The DC in question does not support only that role but others including DFS variously across 3 servers.
    I will try as suggested, replacement of the DC possibly this weekend, unless there is a disaster. At the moment the biggest concern is that the BMR backup does not complete on that machine. All other backup systems are OK

    0 comments No comments

  5. Anonymous
    2021-04-28T13:30:01.297+00:00

    which does not permit experimentation

    Could not agree more. Replacement as mentioned will be the safest / cleanest move. Splitting the domain controller off onto it's own instance of windows provides a much more simplified environment.

    --please don't forget to Accept as answer if the reply is helpful--

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.