Windows 2022 - DFSR & NTDS ISAM error messages cause the system to freeze

Thorsten Böhme 20 Reputation points
2023-08-24T05:18:19.13+00:00

Good evening,

Unfortunately we have a problem with a Windows 2022 Standard Server. Usually around 21:00 +/- half an hour and recently also at lunchtime, all services from the server slowly break down until nothing works anymore! You can no longer log into the server itself. It is then still possible to log on to the clients, but due to the time it takes, the logon is carried out with the local profile! Mentioned: Currently, the system is automatically restarted every morning at 05:30. As a result, we have been able to control it in such a way that the failures always take place in the evening, until today.

Ultimately, the only thing left is to restart the server to be able to work again. After the restart, the replication on the volume and the database works again.

The following services run on the WIndows 2022 Server:

  1. Domain Controller
  2. DNS servers
  3. File & Storage Services
  4. Printer Services
  5. as well as services such as Datev, DMS and David

The server was reinstalled in June on a new machine! The error started about 3 weeks after commissioning, after there were problems with the Datev DMS installation and it was uninstalled several times.

What I've done so far:

Dell checked the hardware remotely and couldn't find any errors.

Since the server was previously operated individually, three weeks ago we integrated a 2nd Windows 2019 server into the domain and set up DFS replication on both. After that we had no more failures for 14 days.

According to the event log, a number of error messages then appear under DFS replication and directory service. (see below). From the DNS error messages 4015 & 4004, the log is shortened, since the messages then only repeat themselves!

Maybe someone has an idea how we can solve the problem and without having to reinstall the system.

Thank you for your attention and your suggestions for a solution. ;-)

Warning 08/23/2023 12:59:18 DFSR 2102 None "Internal database error on volume C: at the DFS Replication service. Replication has stopped for this volume while the database is being rebuilt. After the operation is complete, replication for this volume will resume recorded.

Additional Information:

Error: 9014 (Database Error (-1018))

Volume: ********---****-B621DC4E34DE

Database: C:\System Volume Information\DFSR"


Error 08/23/2023 12:59:18 DFSR 2104 None "The DFS Replication service could not recover from an internal database error on volume ""C:"". Replication has stopped for all replicated folders on this volume.

Additional Information:

Error: 9203 (The database is corrupt. (-1018))

Volume: ********---****-BFDC-B621DC4E34DE

Database: C:\System Volume Information\DFSR"


Error 08/23/2023 12:59:18 DFSR 2004 None "The DFS Replication service has stopped replication on volume ""C:"". This error can occur because the disk is full or is failing or a quota limit has been reached. It can also occur when the DFS Replication service encounters errors attempting to stage files for a replicated folder.

Additional Information:

Error: 9014 (database error)

Volume: ********---****-BFDC-B621DC4E34DE"


Error 08/23/2023 12:59:18 DFSR 2104 None "The DFS Replication service could not recover from an internal database error on volume ""C:"". Replication has stopped for all replicated folders on this volume.

Additional Information:

Error: 9207 (The database does not have enough memory. (-1011))

Volume: ********---****-BFDC-B621DC4E34DE

Database: C:\System Volume Information\DFSR"



Error 08/23/2023 12:59:59 ADWS 1206 ADWS Instance Events Active Directory Web Services could not determine whether the computer is a global catalog server.

Error 8/23/2023 1:00:18 PM DFSR 2104 None "The DFS Replication service could not recover from an internal database error on volume ""C:"". Replication has stopped for all replicated folders on this volume.

Additional Information:

Error: 9207 (The database does not have enough memory. (-1011))

Volume: ********---****-BFDC-B621DC4E34DE

Database: C:\System Volume Information\DFSR"


Error 8/23/2023 1:02:18 PM DFSR 2104 None "The DFS Replication service could not recover from an internal database error on volume ""C:"". Replication has stopped for all replicated folders on this volume.

Additional Information:


Error: 9205 (Error performing I/O on database volume. (-510))

Volume: ********---****-BFDC-B621DC4E34DE

Database: C:\System Volume Information\DFSR"

Error 08/23/2023 13:02:18 DFSR 4004 None "The DFS Replication service has stopped replication for the replicated folder at the local path ""C:\TBI-DFSR"".

Additional Information:

Error: 9014 (database error)

Further context of the error:

Replicated folder name: TBI-DFSR

Replicated Folder ID: ********---902E-5FA52966E49C

Replication Group Name: TBI Replication

Replication Group ID: ********---****-B433-40E28F4C2F0A

Member ID: ********---****-9DF1-91177126A6AE"


Error 8/23/2023 1:02:18 PM DFSR 2104 None "The DFS Replication service could not recover from an internal database error on volume ""C:"". Replication has stopped for all replicated folders on this volume.

Additional Information:

Error: 9205 (Error performing I/O on database volume. (-510))

Volume: ********---****-BFDC-B621DC4E34DE

Database: C:\System Volume Information\DFSR"


Error 08/23/2023 13:02:18 DFSR 4004 None "The DFS Replication service has stopped replication for the replicated folder at the local path ""C:\Windows\SYSVOL\domain"".

Additional Information:

Error: 9014 (database error)

Further context of the error:

Replicated Folder Name: SYSVOL Share

Replicated Folder ID: ********---****-A6E2-85A2E1295154

Replication Group Name: Domain System Volume

Replication Group ID: ********---****-A9E6-11400296845A

Member ID: ********---****-8726-2D27C35DB696"


Error 08/23/2023 13:02:28 NTDS ISAM 482 General "NTDS (1132,D,0) NTDSA: Attempting to log in file ""C:\Windows\NTDS\edb.log"" at offset 9736192 (0x0000000000949000) for Writing 4096 (0x00001000) bytes failed after 0.000 seconds with System Error 1453 (0x000005ad): ""Insufficient quotas to perform the requested service."" Failed. Error -1011 (0xfffffc0d) on write operation. If this condition persists, is The file may be corrupt and needs to be restored from a previous backup."


Error 08/23/2023 13:02:28 NTDS ISAM 492 Logging/Recovery "NTDS (1132,D,10) NTDSA: The log file order in ""C:\Windows\NTDS"" was stopped by a fatal error. For the database No further updates are possible using this log file order. Please correct the problem and restart or restore from backup."


Error 8/23/2023 1:02:28 PM NTDS ISAM 416 Logging/Recovery NTDS (1132,D,10) NTDSA: Unable to write to section 2 while clearing log file C:\Windows\NTDS\edb.log. Error -1011 (0xfffffc0d).


Error 8/23/2023 1:02:28 PM NTDS ISAM 471 Logging/Recovery "NTDS (1132,D,11) NTDSA: Unable to roll back operation #2771 for database ""C:\Windows\NTDS\ntds.dit"". Error: -510. All future database updates will be rejected."


Warning 08/23/2023 13:02:28 Microsoft-Windows-ActiveDirectory_DomainService 1173 Internal processing "Internal event: Active Directory Domain Services has encountered the following exception and associated parameters.

exception:

e0010004

Parameter:

59645

additional data

error value:

-1090

InternalID:

2080382"


Error 08/23/2023 13:03:10 Microsoft-Windows-DNS-Server-Service 4015 None "The DNS server encountered a critical Active Directory error. Make sure that Active Directory is functioning correctly. The extended error debugging information (which may are blank) are """". The event data contains the error code."


Error 08/23/2023 13:03:10 Microsoft-Windows-DNS-Server-Service 4004 None "The DNS server could not complete the enumeration of the directory services of the zone ""." This DNS server is to use information configured, which are retrieved from Active Directory for this zone and cannot load the zone without this information. Make sure that Active Directory is working properly and repeat the enumeration of the zone. The extended error debugging information (which may be blank) reads """". The event data contains the error code."

Functions. The extended error debug information (which may be blank) is "000020EF: SvcErr: DSID-02080382, problem 5012 (DIR_ERROR), data -1090". The event data contains the error code."

Best regards

Thorsten

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,440 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,073 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,814 questions
0 comments No comments
{count} votes

Accepted answer
  1. Dave Patrick 426K Reputation points MVP
    2023-08-26T12:46:52.8266667+00:00

    Is a restart of services delayed, for example DFSR, which crashes from the server or does only the server restart help?

    Restarting just clears out the end point mapper ports. What likely happens after you reboot, is the services try over and over again until the RPC endpoint mapper runs out of dynamic ports at which time things cease to operate. netstat -aon should confirm this. Sounds like DFSR is probably unrecoverably corrupted.

    and should the whole server be reinstalled or is it enough if I reinstall the domain controller?

    Reinstalling a single domain controller in existing domain will not fix anything. If you didn't have backups then standing up a new domain could be an option. Then join the members to the new domain, but do not install other roles and applications on your domain controllers.

    Please don't forget to close up the thread here by marking answer if reply is helpful.

    1 person found this answer helpful.
    0 comments No comments

3 additional answers

Sort by: Most helpful
  1. Dave Patrick 426K Reputation points MVP
    2023-08-24T13:37:56.81+00:00

    Did you run out of disk space? How many domain controllers?


  2. Thorsten Böhme 20 Reputation points
    2023-08-25T06:50:54.3966667+00:00

    Hello Dave,

    • 2TB disk space available
    • 2 domain controllers
    • No updates available
    • The server is new, just 2 months old!

    thank you


  3. Dave Patrick 426K Reputation points MVP
    2023-08-25T22:44:56.9633333+00:00

    Ok, so I took a look and its somewhat difficult due to approximate translations and such but it's pretty clear DFSR is badly broken and probably unrecoverable in my opinion. What likely happens after you reboot, is the services try over and over again until the endpoint mapper runs out of dynamic ports at which time things cease to operate. Installing SQL / File / Print services and other applications on a domain controller is never recommended and also complicates things greatly when issue arise like this.

    A better option may be to install the hyper-v role (as only role) on host, then stand up virtual machines for active directory domain services, and other virtual machines for things like SQL Server and File / Print / Application server, etc.

    Hopefully there are known good state backups with which you can restore and try the upgrade process over again.

    --please don't forget to upvote and Accept as answer if the reply is helpful--