Last Thursday 29/01/04 I had a 2kServer go down. All shares were closed off and when trying to access active directory it told me that the server could not be contacted. The media server for backup exec also cannot be connected to. No users can log on

There are also EVENT ID 1000 and 1001 appearing sporadically in the event viewer.

This happens about 3-4 times a day. I know that trying to connect to the server via terminal services causes it to fall over.

I can get it back up again by starting the Backup Exec server service. I am aware that this may be whats causing the problem however I dont want to uninstall it as its my only way of getting the server to work.

I hope this makes sense. Has anyone come accross the same before?

Please help

Did you not try a last known good?

Or a backup restore as very very very last resort!

I have tried last known but it makes no difference. I have also considered demoting the PDC and promoting it again but it fails when I try to demote saying that it cant contact the active directory.

restoring a backup is really the last option, I am just afraid that if it was caused by a virus, I will be restoring that too

Justin, what are the full messages in the event viewer? (not just the event #)

Description: Security policy cannot be propagated. Cannot access the template. Error code = 3. \\mydomain.com\sysvol\mydomain.com\Policies\{31B2F 340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.

The difficulty is that I cant get access to the event viewer at the moment as running terminal services causes the server to fall over.

I have tried to reset the security policies as suggested by microsoft KB, it did reset the defaults on the policies but did not fix the problem. Was mydoom or other variants causing problems like this?

As soon as I restart the backup exec server service the server performs perfectly.
Thanks

http://support.microsoft.com/default.aspx?scid=kb;en-us;271213&Product=win2000

I have followed these instructions already thats were I got the event viewer info from "Description: Security policy cannot be propagated. Cannot access the template. Error code = 3. \\mydomain.com\sysvol\mydomain.com\Policies\{31B2F 340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windo......."


Unfortunately they all kind of lead back to restoring a backup which I cannot do as backup exec falls over when I try to connect to the media pool.

Thanks

Is backup Exec causing all of the problems? What happens if you disable all of the backup exec services.