I have two servers that are DC's one is a Windows 2003 SBS SP2 and the second is a Windows 2008 Server.
They use DFS with FRS.
We've have a mix of windows Vista and Windows 7 machines on our network 32 and 64bit.
All the sudden lately we've been experiencing hanging randomly when accessing the DFS network shares on all the machines.
I have a saved cap file with a few times when the issues has occurred. I see a lot of errors but not defiant reason as to why we are experiencing hanging.
Below is a snip-it of errors from the time frame when one of the hanging of access occurred.
428844 | 11/3/2010 10:58 | System | SYSTEM08 | SERVER1 | SMB | SMB:C; Nt Create Andx, FileName = \.local\Shared\desktop.ini |
428845 | 11/3/2010 10:58 | System | SERVER1 | SYSTEM08 | SMB | SMB:R; Nt Create Andx - NT Status: System - Error, Code = (52) STATUS_OBJECT_NAME_NOT_FOUND |
428891 | 11/3/2010 10:58 | SYSTEM08 | SERVER1 | TCP | TCP:[Continuation to #428888]Flags=...AP..., SrcPort=57591, DstPort=Kerberos(88), PayloadLen=370, Seq=233155587 - 233155957, Ack=2679799480, Win=16695 (scale factor 0x0) = 16695 | |
428892 | 11/3/2010 10:58 | SERVER1 | SYSTEM08 | KerberosV5 | KerberosV5:KRB_ERROR - KDC_ERR_S_PRINCIPAL_UNKNOWN (7) | |
428896 | 11/3/2010 10:58 | System | SYSTEM08 | SERVER1 | SMB | SMB:C; Session Setup Andx, NTLM NEGOTIATE MESSAGE |
428897 | 11/3/2010 10:58 | System | SERVER1 | SYSTEM08 | SMB | SMB:R; Session Setup Andx, NTLM CHALLENGE MESSAGE - NT Status: System - Error, Code = (22) STATUS_MORE_PROCESSING_REQUIRED |
428902 | 11/3/2010 10:58 | System | SYSTEM08 | SERVER1 | SMB | SMB:C; Transact2, Query File Info, Query File Standard Info, FID = 0x0000 |
428903 | 11/3/2010 10:58 | System | SERVER1 | SYSTEM08 | SMB | SMB:R; Transact2, Query File Info - NT Status: System - Error, Code = (8) STATUS_INVALID_HANDLE |
428904 | 11/3/2010 10:58 | System | SYSTEM08 | NT | SMB | SMB:C; Transact2, Query File Info, Query File Standard Info, FID = 0x0000 |
428905 | 11/3/2010 10:58 | System | SERVER1 | SYSTEM08 | SMB | SMB:R; Transact2, Query File Info - NT Status: System - Error, Code = (8) STATUS_INVALID_HANDLE |
428906 | 11/3/2010 10:58 | System | SYSTEM08 | SERVER1 | SMB | SMB:C; Transaction, Named Pipe, Wait named pipe, PathName = \PIPE\MsFteWds |
428907 | 11/3/2010 10:58 | System | SERVER1 | NINJA08 | SMB | SMB:R; Transaction - NT Status: System - Error, Code = (52) STATUS_OBJECT_NAME_NOT_FOUND |
428941 | 11/3/2010 10:58 | 25.171.3.5 | SERVER1 | DNS | DNS:QueryId = 0xD98F, QUERY (Standard query), Response - Name Error | |
428942 | 11/3/2010 10:58 | dns.exe | SERVER1 | SERVER2.local | DNS | DNS:QueryId = 0x2114, QUERY (Standard query), Response - Name Error |
429035 | 11/3/2010 10:58 | System | SYSTEM08 | SERVER1 | SMB | SMB:C; Nt Cancel |
429036 | 11/3/2010 10:58 | System | SERVER1 | SYSTEM08 | SMB | SMB:R; Nt Transact, NT_TRANSACT_NOTIFY_CHANGE, FID = 0x0004 - NT Status: System - Error, Code = (288) STATUS_CANCELLED |