Domain – Hyper-V virtual machines become disjoined from domain regularly

Tags: domain, domain-controller, hyper-v, windows-server-2008

I have a server running Windows Server 2008 Enterprise SP1 that has a Hyper-V manager with two virtual machines. The problem that I am facing is that on any given day either one of the virtual machines becomes disjoined from our domain. This is a recurring issue and sometimes happens multiple times per day.

Any thoughts on how to troubleshoot and resolve this issue?

UPDATE

The virtual machines are randomly losing their connection to our domain controller. So, for example, when restarting a Windows service on one of the virtual machines that uses domain credentials the service fails to start.

As a resolution, we have to join the virtual machine to the local computer domain, restart, join it to our domain, then restart again. This process is very disruptive and time-consuming.

UPDATE 2

Technically, restarting the virtual machines does not fix the problem; only rejoining them to the domain does.

I will check to see if the virtual machine is still visible from AD when it gets disjoined again.

The event logs don't show much useful information. They show when the Windows services stop due to domain credentials not working.

UPDATE 3

I found this interesting entry in the event log. This entry was created right before the Windows services stopped and domain authentication ceased:

Event ID: 1006

Source: GroupPolicy

Error: The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.

UPDATE 4

Looks like when either of the virtual machines becomes dis-joined from the domain, it's not visible from AD on the domain controller.

UPDATE 5

Upon further investigation it looks like the virtual machines are indeed visible in AD on the DC when this "dis-joining" occurs. However, this issue seems to be plaguing our other servers.

A common symptom of this "dis-joining" issue is receiving the following error when logging in using domain credentials, e.g. DOMAIN\username instead of LOCAL\username:

The trust relationship between this workstation and the primary domain failed.

Best Answer

UPDATE 4

Looks like when either of the virtual machines becomes dis-joined from the domain, it's not visible from AD on the domain controller.

That means that someone or something is deleting the computer objects from your AD. Check for scheduled tasks, "cleanup" scripts, other admins, etc. A client-side problem will not remove the object from AD unless someone with privileged credentials unjoins the machine from the domain.

If worse comes to worse, you can turn on auditing and see what account is being used to delete these objects.
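
One way to act on the auditing suggestion above, as an added example that is not part of the original answer: once success auditing for computer account management is enabled on the domain controllers, this lists which account deleted which computer object. It assumes PowerShell 2.0 or later on the DC and a seven-day look-back window; the variable names are illustrative.

```powershell
# Added example, not from the original answer. Run in an elevated session on
# each domain controller: the deletion is logged only on the DC that handled it.
# Assumes success auditing is already enabled, for example with:
#   auditpol /set /subcategory:"Computer Account Management" /success:enable
# Event ID 4743 in the Security log = "A computer account was deleted".

$since = (Get-Date).AddDays(-7)   # assumed look-back window; adjust as needed

$events = Get-WinEvent -FilterHashtable @{
    LogName   = 'Security'
    Id        = 4743
    StartTime = $since
} -ErrorAction SilentlyContinue

$report = foreach ($e in $events) {
    # Read the named <Data> fields from the event XML instead of relying on
    # positional indexes, which differ between event IDs.
    $xml  = [xml]$e.ToXml()
    $data = @{}
    foreach ($d in $xml.Event.EventData.Data) { $data[$d.Name] = $d.'#text' }

    New-Object PSObject -Property @{
        TimeCreated      = $e.TimeCreated
        DomainController = $e.MachineName
        DeletedAccount   = $data['TargetUserName']      # e.g. VMNAME$
        DeletedBy        = '{0}\{1}' -f $data['SubjectDomainName'], $data['SubjectUserName']
        LogonId          = $data['SubjectLogonId']      # ties back to a 4624 logon event
    }
}

if (-not $report) {
    Write-Output "No 4743 events since $since on this DC. Check the other DCs and the audit policy."
} else {
    $report | Sort-Object TimeCreated |
        Select-Object TimeCreated, DeletedAccount, DeletedBy, LogonId, DomainController
}
```

If the report stays empty while the machines keep losing trust, the computer objects are not being deleted, which matches the asker's UPDATE 5.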