Re: Windows 2003 member server with Windows 2000 Domain Controller

From: Kevin D. Goodknecht [MVP] (admin_at_nospam.LSAOL.COM)
Date: 01/04/04


Date: Sun, 4 Jan 2004 14:09:22 -0600

In news:3ff75dfc$1@news.starhub.net.sg,
Citimouse <citimousemeow@hotmail.com> posted a question
Then Kevin replied below:
: Hi All,
:
: If anyone is having a Windows 2003 member server with a Windows 2000
: Domain Controller, will you please help me?
:
: I have 2 Windows 2003 servers with a Windows 2000 Domain Controller.
: In both Windows 2003 server, both registered the same event as
: mentioned below.
:
: Application Log
:
: Event Type: Error
: Event Source: Userenv
: Event Category: None
: Event ID: 1054
: Date: 12/30/2003
: Time: 10:09:31 AM
: User: NT AUTHORITY\SYSTEM
: Computer: AVIANO
: Description:
: Windows cannot obtain the domain controller name for your computer
: network. (The specified domain either does not exist or could not be
: contacted. ). Group Policy processing aborted.
:
: For more information, see Help and Support Center at
: http://go.microsoft.com/fwlink/events.asp.
:
:
: System Log
:
: Event Type: Error
: Event Source: NETLOGON
: Event Category: None
: Event ID: 5719
: Date: 1/4/2004
: Time: 5:33:15 AM
: User: N/A
: Computer: AVIANO
: Description:
: This computer was not able to set up a secure session with a domain
: controller in domain AAF due to the following:
: There are currently no logon servers available to service the logon
: request. This may lead to authentication problems. Make sure that
: this computer is connected to the network. If the problem persists,
: please contact your domain administrator.
:
: ADDITIONAL INFO
: If this computer is a domain controller for the specified domain, it
: sets up the secure session to the primary domain controller emulator
: in the specified domain. Otherwise, this computer sets up the secure
: session to any domain controller in the specified domain.
:
: For more information, see Help and Support Center at
: http://go.microsoft.com/fwlink/events.asp.
: Data:
: 0000: 5e 00 00 c0
: ^..
:
: It seems like the servers got dropped out of the domain and it cannot
: get authenticated. We have an in-house application and when the
: server got "disjoin" and when we tried to login to our application,
: it says access is denied and an event is recorded as below,
:
: Event Type: Failure Audit
: Event Source: Security
: Event Category: Logon/Logoff
: Event ID: 537
: Date: 30-Dec-03
: Time: 2:58:53 PM
: User: NT AUTHORITY\SYSTEM
: Computer: OSAN
: Description:
: Logon Failure:
: Reason: An error occurred during logon
: User Name: xxx
: Domain: yyy
: Logon Type: 3
: Logon Process: NtLmSsp
: Authentication Package: NTLM
: Workstation Name: HELP
: Status code: 0xC000005E
: Substatus code: 0x0
: Caller User Name: -
: Caller Domain: -
: Caller Logon ID: -
: Caller Process ID: -
: Transited Services: -
: Source Network Address: xx.xxx.xxx.xx
: Source Port: 1496
:
: I have done some research on the Internet and I have tried to follow
: some of the suggestions like using the updated network driver,
: disable media sensing, set the speed of the NIC to match the switch,
: install MS02-001 and others but still of no help. I wonder does this
: has to do with the Domain Controller. I have to rejoin the server to
: the domain at least twice a day.
:
: My DC is still in SP2 for some reasons it cannot be upgraded beyond
: SP2. Thank you very much in advance.

Can you post an ipconfig /all for the DC and the actual AD Domain name in
ADU&C?
Things I need to verify are this is not a single label domain name,
disjointed namespace, that all machines are using the DC ONLY for DNS. and
if the DC is multihomed. Any of these will cause problems with AD.

-- 
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
-- 
When responding to posts, please "Reply to Group"  via your
newsreader so that others may learn and benefit from your issue.
To respond directly to me remove the nospam. from my email.
==========================================
 http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
 http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
 http://www.oehelp.com/OEBackup/Default.aspx
==========================================


Relevant Pages

  • Site-tosite VPN Issue
    ... Windows Server 2003 domain controller ... Mixture of PCs running Windows 2000 Profressional with SP3 and Windows XP ... the VPN to the Windows Server 2003 domain controller. ... 12.7MB file from the server to the client PC. ...
    (microsoft.public.windows.server.networking)
  • RE: Internet Connection Wizard failing at Firewall Config and Secu
    ... You can use the Dcdiag.exe (Domain Controller Diagnostic Tool) included ... in Windows Support Tools to verify the AD status. ... Windows Server 2003 Active Directory Diagnostics, ...
    (microsoft.public.windows.server.sbs)
  • RE: Provide feedback to DC promotion/replacement
    ... one of the is reffering to a Windows 2000 ... As i sad in the previous posts, to rename a domain controller ... controllers in the domain must be running Windows Server 2003. ... a global catalog. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Windows 2003 DCPROMO Problem
    ... Controllers and you want to add a Windows Server 2003 Domain Controller. ... "Nejmos Saqeb" wrote in message ...
    (microsoft.public.windows.server.active_directory)
  • Re: Pre-authentication failed for Windows 2008 systems
    ... Failure Code: 0x19 ... Client Address: SERVER IP ... Our active directory domain consists of two windows 2003 R2 x64 ... On the domain controller, ...
    (microsoft.public.windows.server.security)