I have discovered that from every non-domain-controller machine, the
following ASP page will intermittently fail:
<% var oLDAP = GetObject ("LDAP://localhost/DC=appdepot,DC=com") %>
<!-- Page OK -->
I have written a small script that continuously retrieves this page on a web
server and reports when the Page OK marker is not found. I can usually get
through about 100-200 queries before the first failure. After the first
failure, it fails 1 in about 25 queries on average.
The page does not fail if the web server is a domain controller. I sniffed
the network, and it looks like the LDAP query that fails in ASP actually
succeeds in LDAP. My servers are up to the latest service packs and
critical patches. All the servers are Windows 2000.
How can I diagnose my Active Directory installation and ensure that every
LDAP query run on a web server is successful?
To test in your own environment, here is the script that I use to generate
the load and check the result: it takes 2 parameters: a url, and a count
var iMaxErrors = 1;
var Args = WScript.Arguments;
if (Args.length < 2)
WScript.Echo ("format: checkpage.wsf url count");
var oHTTP = new ActiveXObject("Msxml2.XMLHTTP.4.0");
var fso = new ActiveXObject("Scripting.FileSystemObject");
var forAppend = 8;
var iErrorCount = 0;
var logFile = fso.OpenTextFile("C:\\temp\\checkpage.log", forAppend,
for (i=0;i<Args.item(1) && iErrorCount<iMaxErrors;i++)
oHTTP.Open ("GET", "http://"+Args.item(0), false);
if (oHTTP.responseText.indexOf("<!-- Page OK -->") < 0)
logFile.WriteLine(i +" failed");
logFile.WriteLine(i + " OK");
WScript.Echo ("There were " + iErrorCount + " errors in " + i + "