Re: Event ID 5719: No Windows NT or Windows 2000 Domain Controller is available for domain <domain>.

To start with you way over complicated things. Apparently you messed with
the logon locally or deny logon locally user rights in a domain level Group
Policy. All you had to do, assuming you can logon to a domain controller, is
to modify those user rights in the same GPO and then reboot the domain
computer and you should have been able to logon. My bet is that you added a
group to deny logon locally such as users.

From where you are at now the first thing I would do is to make sure that
the computer is configured correctly as far as DNS in that it points only to
domain controllers as it's preferred and secondary DNS servers in tcp/ip
properties and NEVER list an ISP DNS server for ANY domain computer. The
link below explains more on AD DNS. Verify that your DNS is correctly
configured and then see what happens. You can also run the support tool
netdiag on any domain computer to check the health of many domain related
issues such as DNS, dc discovery, and secure channel. Http://www.eventid.net
is a great place to lookup information on events IDs as users share their
experiences as to what they found to be the problem and solution.

Steve

http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382 --- AD
DNS FAQ
http://www.eventid.net/display.asp?eventid=10010&eventno=508&source=DCOM&phase=1
--- Eventid.net on Event 10010
http://support.microsoft.com/default.aspx?scid=kb;EN-US;313222 --- last
resort use of secedit command to reset local security settings to default
defined levels and note use of the /areas switch. Do NOT attempt this on a
Windows 2003 Server as it will screw up services settings severely.

"MyndPhlyp" <nobody@xxxxxxxxxxxxx> wrote in message
news:%23ikDt8p5GHA.4644@xxxxxxxxxxxxxxxxxxxxxxx
Okay, I successfully shot myself in the foot a few days ago. Managed to
lock
myself out of a Win2K Pro workstation by messing around with a Group
Security Policy on the Win2K DC. Panic set it and I eventually fell upon
this KB article:

http://support.microsoft.com/kb/826903

Without thinking [...could probably stop right there...] about stashing a
backup copy of the system32\config\security file I stomped on it with the
repair\security file and went on to attempt cleaning house. I deleted the
newly-created GSP from the DC, removed the workstation from AD, and
changed
the workstation to rejoin the domain.

Checking the workstation's Event Log from the DC (fresh workstation boot
and
without logging onto the workstation) I get the following error:

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5719
User: N/A
Computer: MYWIN2KPRO
Description:
No Windows NT or Windows 2000 Domain Controller is available for domain
MYNET. The following error occurred:
There are currently no logon servers available to service the logon
request.
Data:
0000: 5e 00 00 c0

Citrix and RAS are not part of the picture. (Yeah, I've run across several
of those KBs.) NetBT buffers is not the problem either. (Yeah, I've hit
several of those, too.)

At shutdown time for the workstation, I get a DCOM error:

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
User: MYNET\Bonehead
Computer: MYWIN2KPRO
Description:
The server {563B0D4F-3080-4B80-B47A-7CA258999376} did not register with
DCOM
within the required timeout.

Searching through the workstation's Registry,
563B0D4F-3080-4B80-B47A-7CA258999376 = AcctMgr.FormHandler CLSID.

I'm pretty much convinced I've successfully hosed the security settings on
the workstation. (Gee, ya think?) Short of nuking the village and starting
over, or considering a career in basket weaving and door-to-door sales,
I'd
appreciate some constructive assistance in correcting this.

[Bonus follow-up question, with double the trivia points, regarding Event
ID
565 appearing in the DC's logs for whoever successfully solves today's
trivia question.]

Help? Please? Anybody?




.

Relevant Pages

  • Re: Event 533: User not allowed to logon at this computer
    ... When this happens see if only that user is unable to logon to the "domain" ... or this happens to all domain users trying to logon from that workstation. ... computers are configured correctly for dns and have network connectivity to ... netdiag and dcdiag on the domain controllers and check Event Viewer on both ...
    (microsoft.public.security)
  • Re: Authentication process extremely long...
    ... logging on to Windows XP Pro in a domain environment can take up to ... If I logon using the same user name but on a different computer the ... Check the DNS settings on the workstation. ...
    (microsoft.public.windowsxp.general)
  • Re: Daily Server Report (Critical Errors, Event ID: 537)
    ... Also, Logon type of 3 is a network logon, this is considered a ... Does this issue happen on client workstation or server? ... Does your server and all clients' workstation work well now? ... issue in your Network? ...
    (microsoft.public.windows.server.sbs)
  • Re: Daily Server Report (Critical Errors, Event ID: 537)
    ... Also, Logon type of 3 is a network logon, this is considered a ... Does this issue happen on client workstation or server? ... Does your server and all clients' workstation work well now? ... issue in your Network? ...
    (microsoft.public.windows.server.sbs)
  • Re: Users cannot access remote web workplace without admin access
    ... RWW site logon issue ... When we create the user accounts by using the SBS add users ... workstation through the RWW-RDP connection? ... For the RDP access issue, it could be an expected behavior. ...
    (microsoft.public.windows.server.sbs)