Windows 2000: bug hits Active Directory



Antony Savvas

Microsoft is desperately trying to create a patch to kill a bug in its Windows 2000 Active Directory, which crashes domain...



Antony Savvas

Microsoft is desperately trying to create a patch to kill a bug in its Windows 2000 Active Directory, which crashes domain controller servers containing multiple IP addresses on network interface cards (Nics).

The problem affects large organisations running "subnets" to their system. The problem is caused by servers hosting more than 51 IP addresses on a single Nic. When users try and do this, all of the objects in the Active Directory disappear. The server also sends an error message to the network administrator, so the system cannot be managed either.

As well as subnetting applications, the problem also affects mail servers and Web hosting solutions at ISPs and server farms. This is due to the large number of IP addresses which must be stored.

Microsoft explained that the problem is caused by a fault in its Lightweight Directory Access Protocol API.

Until a permanent fix is found, users can avoid the problem by reducing the number of IP addresses on the Nic to less than 51. Microsoft, which cannot say when the fix will be available, said an immediate remedy is to run separate servers to control the domains, but this could prove expensive for some companies.

Simon Moores, chairman of the Windows Users Forum, said, "This is potentially nasty for those companies running subnets to their system.

"The fact that very few companies are currently relying on Active Directory means that Microsoft has some time to rectify the problem, but those large companies in the middle of roll-outs should be aware of it."

Read more on Business applications

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close