HPE Community
ProLiant Servers (ML,DL,SL)
1753417 Members
5082 Online
108793 Solutions
New Discussion юеВ

Proliant Buffer Overflow Problem

 
Jeremy_43
Occasional Advisor

тАО01-26-2004 03:43 AM

тАО01-26-2004 03:43 AM

Proliant Buffer Overflow Problem

I am running Windows 2000 Server on a Compaq Proliant ML370 G3 and up until 2 months ago, all had been a dream. All the sudden, I get a few errors from Windows:

Source: Userenv
Event ID: 1000
Message: Windows cannot query for the list of Group Policy objects . A
message that describes the reason for this was previously logged by this
policy engine.
Number Of Time Before Crash: 4

Source: Userenv
Event ID: 1000
Message: Windows cannot connect to starprecision.com with (0x2747).
Number Of Time Before Crash: 3

Source: Userenv
Event ID: 1000
Message: Windows cannot determine the user or computer name. Return value
(14).

These errors, along with application related errors point to a "Buffer Overflow" that is happening causing my Active Directory to be inaccessible and then the server has to be rebooted. The server never stays up more than 4 days without this happening. Just as a precaution, I've uninstalled all Compaq/HP related tools as the first errors pointed toward a Performance Counter for the NIC and still, I get the same problem. I have uninstalled all applications that would run on the server but still...I get the problem. Anyone experience this? I can get any logs for your that you'd need to help me diagnose this. Thanks in advance, Jeremy
0 Kudos
Reply
12 REPLIES 12
Ken Henault
Honored Contributor

тАО01-26-2004 06:32 AM

тАО01-26-2004 06:32 AM

Re: Proliant Buffer Overflow Problem

Did anything change two months ago? Did you start adding Windows Server 2003 or Windows XP systems in you environment?

Check to make sure you have given the "Domain Computers" object Read & Apply Group Policy permissions in the GP, also if there XP machines also make sure you give Domain Computers or the computer account read access to the OU
Ken Henault
Infrastructure Architect
HP
0 Kudos
Reply
Jeremy_43
Occasional Advisor

тАО01-26-2004 06:40 AM

тАО01-26-2004 06:40 AM

Re: Proliant Buffer Overflow Problem

I have no XP machines on this network. I did have a problem with a domain controller that had a hard drive go out and there was no way to get the system back up so this new Compaq server had to seize roles and when that happened, the Directory was jacked up. I fixed the directory and all directory related issues and also updated all drivers and such from Microsoft and Compaq. Not sure if any of those drivers messed things up but at first, I'd get driver related errors that mentioned a buffer overflow regarding the NIC's Performance Counters installed by Compaq. I don't know where to go next. I have added an additional DC to the network to see if it has the same results and if so, I know there is something wrong with the directory but I'm sure that won't happen. If my new DC works for a week without having the same problems, I'll probably have to reinstall windows on this Compaq machine and I would hate to do that. Please give me any ideas or anything I can give you to help me out. Thanks, Jeremy
0 Kudos
Reply
Neal Bowman
Respected Contributor

тАО01-27-2004 01:30 AM

тАО01-27-2004 01:30 AM

Re: Proliant Buffer Overflow Problem

It sounds as if the object for this computer has been corrupted in some manner. I would suggest removing the computer from your AD, providing the username and password of a domain administrator, and letting a replication cycle go by. You can force a replication if you do not want to wait the 5-15 minutes. Reboot your computer into the workgroup environment and make sure all comes up clean. If you have any services that are starting as a domain user or service account, you may see errors about services failed to start. Check your event logs to see which services are affected.

Once the computer account is no longer seen in AD, go back and add the computer back into the AD, again providing username and password of an authorized domain administrator. Once you receive the Welcome to domain X message, reboot your computer and again, check the event logs for clean startups. Good luck!
0 Kudos
Reply
Jeremy_43
Occasional Advisor

тАО02-02-2004 06:40 AM

тАО02-02-2004 06:40 AM

Re: Proliant Buffer Overflow Problem

I have clean startups everytime I boot up but after a few days, 4 max, I get these errors. Like I said, I all the errors lead to a Buffer Overflow. Would Service Pack 4 cause this? Thanks, Jeremy
0 Kudos
Reply
Jeremy Whitlock
New Member

тАО02-09-2004 03:51 AM

тАО02-09-2004 03:51 AM

Re: Proliant Buffer Overflow Problem

I am back, under a new name, and now I came to give more information. Here are the apps installed:

Apache
IMail
MySQL
Office XP

Those are the only apps installed. For some reason, I keep getting a buffer overflow that causes all network related items hosted by this server to go down. Can someone help me diagnose this Buffer Overflow? Thanks, Jeremy
0 Kudos
Reply
Neal Bowman
Respected Contributor

тАО02-09-2004 04:41 AM

тАО02-09-2004 04:41 AM

Re: Proliant Buffer Overflow Problem

Confirm your DNS settings for this server are correct.

Event ID 1000 Is Logged in the Application Event Log (261007)
SYMPTOMS
The following event may be logged in the Application event log:

Event ID: 1000
Event Source: Userenv
Description:
Windows cannot determine the user or computer name. Return value (1722).
The client computer may also experience an extremely slow logon.
CAUSE
This behavior can occur if the address for the configured preferred DNS server on the client is invalid or unreachable.
RESOLUTION
To resolve this behavior, correct the DNS address in the Internet Protocol (IP) properties:
Right-click My Network Places, and then click Properties.
Right-click Local Area Connection, and then click Properties.
Click Internet Protocol (TCP/IP), and then click Properties.
Type the correct DNS address in the Preferred DNS server box.
The information in this article applies to:
Microsoft Windows 2000 Server
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Professional

Are you using DHCP for IP addresses or is this server using static IP config? Look closely at the settings. Can you ping from the server by IP address? By remote hostname?
0 Kudos
Reply
Jeremy Whitlock
New Member

тАО02-09-2004 04:47 AM

тАО02-09-2004 04:47 AM

Re: Proliant Buffer Overflow Problem

I've checked DNS and DHCP but I'll do it again. I can successfully ping by IP or hostname until this event starts happening, which is usually 3-4 days after a reboot. When I reboot, all services start with no errors and all replication happens with no problems either. Then, aroun day 3-4, all network traffic to and from the server is rejected due to a buffer overflow but with no error related to why it happens or what is causing it. If you think of anything, let me know otherwise, assume that I've already checked DNS and DHCP and they are correct. If they aren't, I'll update. Thanks, Jeremy
0 Kudos
Reply
Jeremy_43
Occasional Advisor

тАО02-09-2004 04:56 AM

тАО02-09-2004 04:56 AM

Re: Proliant Buffer Overflow Problem

I've replaced my password so I can now reassign points. :) Anyways, I use static IP addresses for all servers and system. I have a lot of 25 DHCP IP addresses that are used for laptops, wireless and visitor computers. I have checked my DNS setup for the problematic server and it points to itself as the preferred DNS since it is the main DNS Server for our network. Got anymore ideas? Thanks in advance, Jeremy
0 Kudos
Reply
Jeremy_43
Occasional Advisor

тАО02-09-2004 04:57 AM

тАО02-09-2004 04:57 AM

Re: Proliant Buffer Overflow Problem

Oh yeah, I can run dcdiag and netdiag with no errors. I have other log files that might interest you. If you feel that you need logs or more information, just ask. Thanks, Jeremy
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.