Server 2012
Version 6.2 Build 9200
Last night I went to remote into our file/DC server to check it. I couldn't connect using RDP even though the Sonicwall VPN showed me connected. I then tried my backup Chrome Remote Desktop to connect and could not. I shut down and restarted my Global VPN Client (GVC) and when I tried to enable it it prompted me for my password, which is saved on this computer. Putting in the password did not work.
I drove into the office and tried to connect to the server from the LAN. Same result. The server showed nothing on its monitor. So I restarted it. This fixed it and all was good.
I got on it again this morning around 09:00 and it appeared to be fine.
About 10:30 I got a call from a user that they could not connect to the internet. Their network showed "no internet". Restarted laptop, same thing. Ran the troubleshooter, no IP address. Then others started to complain. I could not wait to drive in so I just had the user power cycle the server. Again, all was good.
Now, looking at all the logs from 09:00 to 10:30 this morning the only errors I find are:
Error: TerminalServices - Printers ID 1111 These are always there and reflect my home printers not having drivers on the server
Warning: 1014 DNS Client Events "Name resolution for the name _ldap._tcp.dc._msdcs.BostonEnv.local. timed out after none of the configured DNS servers responded."
Warning: 6038 LSA (LsaSrv)
"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.
Error: 8193 VSS. Volume Shadow Copy Service error: Unexpected error calling routine RegOpenKeyExW(-2147483646,SYSTEM\CurrentControlSet\Services\VSS\Diag,...). hr = 0x80070005, Access is denied.
Warning: 10020 This computer has at least one dynamically assigned IPv6 address.For reliable DHCPv6 server operation, you should use only static IPv6 addresses.
2 Winlogon warnings about The winlogon notification subscriber <GPClient> took 75 second(s) to handle the notification event (CreateSession). and The winlogon notification subscriber <GPClient> is taking long time to handle the notification event (CreateSession).
These all occurred from 09:42 to 10:33. I got the call and restarted it.
After restart I had a bunch of TLS errors "A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70." some also had a code 40
I have looked all across the DHCP and DNS logs, nothing.
I suspect LDAP and/or DHCP/DNS.
I have changed nothing on this server for weeks
Last night I went to remote into our file/DC server to check it. I couldn't connect using RDP even though the Sonicwall VPN showed me connected. I then tried my backup Chrome Remote Desktop to connect and could not. I shut down and restarted my Global VPN Client (GVC) and when I tried to enable it it prompted me for my password, which is saved on this computer. Putting in the password did not work.
I drove into the office and tried to connect to the server from the LAN. Same result. The server showed nothing on its monitor. So I restarted it. This fixed it and all was good.
I got on it again this morning around 09:00 and it appeared to be fine.
About 10:30 I got a call from a user that they could not connect to the internet. Their network showed "no internet". Restarted laptop, same thing. Ran the troubleshooter, no IP address. Then others started to complain. I could not wait to drive in so I just had the user power cycle the server. Again, all was goood.
Now, looking at all the logs from 09:00 to 10:30 this morning the only errors I find are:
Error: TerminalServices - Printers ID 1111 These are always there and reflect my home printers not having drivers on the server
Warning: 1014 DNS Client Events "Name resolution for the name _ldap._tcp.dc._msdcs.BostonEnv.local. timed out after none of the configured DNS servers responded."
Warning: 6038 LSA (LsaSrv)
"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.
Error: 8193 VSS. Volume Shadow Copy Service error: Unexpected error calling routine RegOpenKeyExW(-2147483646,SYSTEM\CurrentControlSet\Services\VSS\Diag,...). hr = 0x80070005, Access is denied.
Warning: 10020 This computer has at least one dynamically assigned IPv6 address.For reliable DHCPv6 server operation, you should use only static IPv6 addresses.
2 Winlogon warnings about The winlogon notification subscriber <GPClient> took 75 second(s) to handle the notification event (CreateSession). and The winlogon notification subscriber <GPClient> is taking long time to handle the notification event (CreateSession).
These all occurred from 09:42 to 10:33. I got the call and restarted it.
After restart I had a bunch of TLS errors "A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70." some also had a code 40
I have looked all across the DHCP and DNS logs, nothing.
I suspect LDAP and/or DHCP/DNS.
I have changed nothing on this server for weeks.
Any ideas what this could be?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 81%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
