September 1, 2006
Lately we've been having problems with computers "falling off" Active Directory. This is a pain in the ass, because it means I have to Remote Desktop into them to get any work done.
The most likely culprit is a NIC going bad and spewing junk packets across the network. In fact, one of the Google returns for the problem mentions our motherboards' onboard NICs by brand. So we bought a bunch of gigabit ethernet cards and started replacing things.
I'd like to say that solved the problem, but it didn't. Can't hurt though, and good network cards are dirt cheap anymore. I finally saw a problem with the Computer Browser service in one of the affected systems' event log.
Computer Browser basically provides a list of all the computers on the (Windows) network to anyone who asks. It's how you are able to go to a command line and type ping computername and have it work, or access a share by going to \\computername. An Active Directory server has to run Computer Browser.
Nothing else does. The service, however, is on by default, and it seems to have gotten a little confused by the Fedora box we installed not too long ago. (I probably ought to read up on Samba, Linux's SMB implementation that lets Linux boxen access the Windows network.)
Anyway, back to Computer Browser. Every machine, 2K3 server and XP Pro alike, were running it, which was probably clogging up the network something fierce. I cut it down to just the Active Directory server (since it's required) and the SQL and mail servers (since I'm afraid to fuck with them). Things seem to be running much more smoothly now.