Welcome to TechNet Blogs Sign in | Join | Help

News

  • Welcome to the blog for the Microsoft CSS Enterprise Platforms Networking team.

    Disclaimer: All postings are provided "AS IS" with no warranties, and confer no rights. This weblog does not represent the thoughts, intentions, plans or strategies of Microsoft. Because a weblog is intended to provide a semi-permanent point-in-time snapshot, you should not consider out of date posts to reflect current thoughts and opinions.

    Blog Tools

    Add to Technorati Favorites
    Blog Flux Directory
    Computers Blogs - Blog Top Sites

    Add to Google

    Locations of visitors to this page

Intermittent file sharing connectivity from various clients to a Windows Server 2008 server

Issue

In recent weeks we have seen a number of cases with intermittent file sharing connectivity to Windows Server 2008 servers. I wanted to get this information out so that people who may be experiencing the issue won't have to spend a lot of time tracking down the problem.

The issue generally manifests in one of two ways:

  • After a period of time Windows XP and Windows Server 2003 clients can connect to file shares on a Windows Server 2008 server but Windows Vista clients time-out.
  • After a period of time Windows Vista clients can connect to file shares on a Windows Server 2008 server but Windows XP and Windows Server 2003 clients time-out.

Network traces look similar in both cases. After the TCP 3-way handshake the client sends an SMB Negotiate Dialect but the server doesn't respond.

Eventually the TCP session times out and is reset as seen in this example:

image

Resolution

Two things are currently known to address the issue:

  • Upgrading the NIC drivers is known to help but not completely resolve the issue.
  • In the cases we have seen so far, uninstalling anti-virus software has resolved the issue.

Most of these cases involved older anti-virus software versions but we have also seen the issue with current versions that are supported on Windows Server 2008.

While there is not currently a complete resolution, I hope providing this information will help some people identify this issue quickly so they can resolve it and minimize the disruption to their environment.

- David Pracht

Posted: Thursday, July 10, 2008 7:03 PM by MichaelPlatts

Comments

Matt Johnson's Technical Adventures said:

Ask the Directory Services Team : Five Common Causes of “Waiting for the DFS Replication service to retrieve

# July 16, 2008 9:41 AM

Robert Kane said:

We experienced this issue with two Windows Server 2008 Standard 64-bit servers with Symantec Antivirus Client 10.2.  The servers are domain controllers.  

We had over 600 users who could not logon.  We recieved RPC errors and errors processing group policy as well as no domain could be located errors.

We also received the following errors on the servers in the Windows System event logs:

Event ID 4226 Source tcpip: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts

Event ID 2022 Source srv: The server was unable to find a free connection <number> times in the last <number> seconds.

The event ID 2022 errors we received when the problem occurred and there were multiples of these which occurred every 20 to 30 seconds.

The problem could temporarily be worked aorund by reboots, but eventually returned.

We uninstalled Symantec AV and have not had the issue since.

Can anyone provide more details as to how the antivirus causes this problem?

# October 6, 2008 5:04 PM
Leave a Comment

(required) 

(required) 

(optional)

(required) 

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Page view tracker