---

NetworkWorld: Bug knocks Active Directory for a loop

“The bug is linked to the number of IP addresses that are
assigned to a single network interface card (NIC) or multiple NICs
in a Win 2000 server that is acting as a domain controller. On
servers hosting more than 51 IP addresses, all of the objects in
Active Directory will disappear. In addition, the server will
return an error message saying it is not operational when
administrators try to access
Active Directory Users and
Computers, Active Directory Domains and Trusts, and Active
Directory Sites and Services.”

“Officials at the BugNet Web site also were able to recreate the
bug, with a slight difference. They said they were able to log on
to Active Directory and browse the network, but could not see
directory entries. They also said they could no longer manage users
and resources in Active Directory. BugNet also is investigating
whether the bug affects the Domain Name System in Win 2000, but has
yet to reach any conclusions.”

“Microsoft has not said when patch will be available. “This
issue is relatively arcane, given that most organizations deploying
multi-homed servers supporting many IP addresses would deploy
domain controllers on separate machines for greater fault tolerance
and higher availability,” says a Microsoft spokesman.”

Complete
Story