Re: netlogon error
From: Brown (fbrown_at_mta-inc.com)
Date: 01/10/05
- Next message: Jeff Cichocki: "Deny rights question"
- Previous message:
: "Re: Changing Global Group to Domain Local Group." - In reply to: Roger Abell: "Re: netlogon error"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 10 Jan 2005 07:40:04 -0600
Good Monday,
Restarted non-SBS machine, Ran netdiag and dcdiag no change.
Went into AD Sites & Services, under Security added SELF and checked
permissions to allow all authenticated writes.
Ran dcdiag and netdiag, no change.
Brown
"Roger Abell" <mvpNOSpam@asu.edu> wrote in message
news:Oiv3YSU9EHA.1392@tk2msftngp13.phx.gbl...
> OK. So it sounds like we have gotten past the first round
> of what was preventing the dcpromo, and actually things
> look like they are lined up . . . I am a little blind at a
> distance at this point so . . .
>
> It may be time to do a fresh reboot of the nonSBS and then
> see what dcdiag and netdiag have to say when run on the
> nonSBS - as I think the last time we ran them we were
> not in DNS and hence not visible in results of the KCC
> replication algorithms.
>
> But - before we do this, one thing to check, although I cannot
> imagine this not being set correctly. In AD Users and
> Computers find the computer object for the nonSBS in the
> Domain Controllers OU and access its properties.
> In the security settings locate and highlight "Self" and verify
> that it does have checked the rights to Validated writes to
> DNS hostname and also to Service principal name
> If they are not checked to Allow, make it so.
>
> --
> Roger Abell
> Microsoft MVP (Windows Security)
> MCSE (W2k3,W2k,Nt4) MCDBA
> "Brown" <fbrown@mta-inc.com> wrote in message
> news:eMwhafP9EHA.2180@TK2MSFTNGP12.phx.gbl...
> > In the DNSMGNT console on the SBS box, all entries in the forward lookup
> > zone for the non-SBS box are identicle to the entries in the forward
> lookup
> > zone on the SBS box.
> > Brown
> > "Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
> > news:O9aGyKP9EHA.2196@TK2MSFTNGP11.phx.gbl...
> > > <quote>
> > > There is a netlogon.dns file deposited in the config folder in
> > > system32 on DCs, and these are unique toeach DC. The
> > > records that are recorded there in the nonSBSare what
> > > should now exist in the DNS on the SBS machine.
> > > </quote>
> > > If those records do not exist in the SBS DNS forward zones
> > > then the KCC (algoritm that generates the replication paths)
> > > will not be able to do its job.
> > >
> > > If you look in the Sites and Domains and drill in and do see
> > > that NTDS settings for the nonSBS does have replication links
> > > defined, then it is doing its job. If not, it may be that these DNS
> > > records did not get registered.
> > >
> > > --
> > > Roger Abell
> > > Microsoft MVP (Windows Server System: Security)
> > > MCDBA, MCSE W2k3+W2k+Nt4
> > > "Brown" <fbrown@mta-inc.com> wrote in message
> > > news:u3SC12M9EHA.960@TK2MSFTNGP11.phx.gbl...
> > > > OK, I launch the dnsmgmt console on the SBS box.
> > > > Under the SBS > Forward Lookup Zones > in the MTA-Inc.local folder,
> the
> > > > non-SBS box is listed.
> > > > I located the netlogon.dns file in windows\system32\config on the
SBS
> > box.
> > > > Last modified 0718 this AM. (I had to stop and restart the box to
> > replace
> > > > a
> > > > faulty UPS this AM)
> > > > On the non-SBS box, same place last update 1356 yesterday (restart
> time)
> > > > Brown
> > > >
> > > > "Roger Abell" <mvpNOSpam@asu.edu> wrote in message
> > > > news:OLyR5bM9EHA.4072@TK2MSFTNGP10.phx.gbl...
> > > >> Those messages when launching those tools on the nonSBS
> > > >> seems to indicate that the AD initial replication into it still
> > > >> has not happened.
> > > >>
> > > >> There is no software firewall configured on the SBS, right?
> > > >>
> > > >> You have not yet mentioned whether after yesterday morning
> > > >> when the DNS config of the nonSBS was changed, is the nonSBS
> > > >> now showing in the forward lookup zones when viewed in the
> > > >> SBS DNS mgmt UI. There is a netlogon.dns file deposited in
> > > >> the config folder in system32 on DCs, and these are unique to
> > > >> each DC. The records that are recorded there in the nonSBS
> > > >> are what should now exist in the DNS on the SBS machine.
> > > >>
> > > >> If you run Sites and Services on the SBS and drill in do you
> > > >> also see the nonSBS there? If so, do you see under its NTDS
> > > >> settings that there are replication links defined to it?
> > > >>
> > > >> --
> > > >> Roger
> > > >> "Brown" <fbrown@mta-inc.com> wrote in message
> > > >> news:ezfFk2L9EHA.1524@TK2MSFTNGP09.phx.gbl...
> > > >> > The non-SBS does appear in the Domain Controllers OU on the SBS
> box.
> > > > With
> > > >> > the changes I have made in the last couple of days, when I launch
> AD
> > > > Users
> > > >> &
> > > >> > Computers on the non-SBS I get an error that states
> > > >> > "Naming information cannot be located becuase:
> > > >> > The target principal name is incorrect.
> > > >> > Contact your system administrator to verify that your domain is
> > > >> > properly
> > > >> > configured and is currently online."
> > > >> > Same message for AD Site & Services.
> > > >> > AD Domains & Trust gives the message
> > > >> > "The configuration information describing this enterprise is not
> > > >> available.
> > > >> > The target principal name is incorrect."
> > > >> >
> > > >> > It looks like something is not pointing to the right place, but I
> > have
> > > > no
> > > >> > clue.
> > > >> >
> > > >> > Brown
> > > >> >
> > > >> > "Roger Abell" <mvpNOSpam@asu.edu> wrote in message
> > > >> > news:Ow#phqF9EHA.3504@TK2MSFTNGP12.phx.gbl...
> > > >> > > After the reboot, or also after waiting a while ?
> > > >> > > The replication does not complete instantly.
> > > >> > >
> > > >> > > When you use AD Users and Computers on the SBS do
> > > >> > > you see the W2k3 listed in the Domain Controllers OU ?
> > > >> > > It is starting to sound like it is not going to be there
(meaning
> > > >> > > that the W2k3 believes it is supposed to be a DC but the SBS
> > > >> > > does not - something I can't understand happening except maybe
> > > >> > > if during dcpromo NetBios based RPC communications is
> > > >> > > interrupted early in the promo but is OK at the very start)
> > > >> > >
> > > >> > > --
> > > >> > > Roger
> > > >> > > "Brown" <fbrown@knology.net> wrote in message
> > > >> > > news:%234PIOJF9EHA.3676@TK2MSFTNGP10.phx.gbl...
> > > >> > > > After the restart on the nonSBS machine this morning, when I
> open
> > > >> Active
> > > >> > > > Directory Users and Computers I indicates that AD is not
> running.
> > > >> > > >
> > > >> > > > Brown
> > > >> > > >
> > > >> > > > "Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message
> > > >> > > > news:%234oS7IE9EHA.3012@TK2MSFTNGP09.phx.gbl...
> > > >> > > > > Those message are not unexpected the first time around,
> because
> > > >> > > > > the new DC has not yet completed its initial sync with the
> > > > existing
> > > >> > AD,
> > > >> > > > > and so does not have its own copy (which it was trying to
> > > >> > > > > access).
> > > >> > > > > One would expect those to go away in the future as when the
> DNS
> > > >> > > > > server code fires up it then will find the AD content it is
> > > >> > complaining
> > > >> > > > > about not finding now.
> > > >> > > > >
> > > >> > > > > The issue is, do we have a functioning DC that does have
> > > > replication
> > > >> > > > > established with the SBS DC ?
> > > >> > > > >
> > > >> > > > > At a cmd prompt run replmon and connect to the two DCs and
> > drill
> > > >> > > > > into the defined replications to see if things seem to be
> > > > happening.
> > > >> > > > > Alternatively, on the nonSBS run AD Users and Computers,
use
> > the
> > > >> > > > > properties to make sure that you are focused on the nonSBS
> > > >> > > > > machine
> > > >> > > > > and the domain controller the tool is speaking with, and
then
> > > > click
> > > >> > > > > around and see if it looks the same as when the tool is
> > connected
> > > >> > > > > to AD on the SBS machine.
> > > >> > > > >
> > > >> > > > > --
> > > >> > > > > Roger Abell
> > > >> > > > > Microsoft MVP (Windows Server System: Security)
> > > >> > > > > MCDBA, MCSE W2k3+W2k+Nt4
> > > >> > > > > "Brown" <fbrown@mta-inc.com> wrote in message
> > > >> > > > > news:%23P7OoiA9EHA.3944@TK2MSFTNGP12.phx.gbl...
> > > >> > > > >> OK, Got through the steps and restarted. In the dnsmgmt
> > console
> > > > on
> > > >> > the
> > > >> > > > >> Win2K3, got a warning:
> > > >> > > > >> Event Type: Warning
> > > >> > > > >> Event Source: DNS
> > > >> > > > >> Event Category: None
> > > >> > > > >> Event ID: 4013
> > > >> > > > >> Date: 1/6/2005
> > > >> > > > >> Time: 9:40:16 AM
> > > >> > > > >> User: N/A
> > > >> > > > >> Computer: MTA-SERVER02
> > > >> > > > >> Description:
> > > >> > > > >> The DNS server was unable to open the Active Directory.
> This
> > > >> > > > >> DNS
> > > >> > > server
> > > >> > > > >> is
> > > >> > > > >> configured to use directory service information and can
not
> > > > operate
> > > >> > > > >> without
> > > >> > > > >> access to the directory. The DNS server will wait for the
> > > >> directory
> > > >> > to
> > > >> > > > >> start. If the DNS server is started but the appropriate
> event
> > > > has
> > > >> > not
> > > >> > > > >> been
> > > >> > > > >> logged, then the DNS server is still waiting for the
> directory
> > > >> > > > >> to
> > > >> > > start.
> > > >> > > > >>
> > > >> > > > >> For more information, see Help and Support Center at
> > > >> > > > >> http://go.microsoft.com/fwlink/events.asp.
> > > >> > > > >> Data:
> > > >> > > > >> 0000: 2d 23 00 00 -#..
> > > >> > > > >> -------
> > > >> > > > >> Then got an error:
> > > >> > > > >> Event Type: Error
> > > >> > > > >> Event Source: DNS
> > > >> > > > >> Event Category: None
> > > >> > > > >> Event ID: 4000
> > > >> > > > >> Date: 1/6/2005
> > > >> > > > >> Time: 9:40:16 AM
> > > >> > > > >> User: N/A
> > > >> > > > >> Computer: MTA-SERVER02
> > > >> > > > >> Description:
> > > >> > > > >> The DNS server was unable to open Active Directory. This
> DNS
> > > >> server
> > > >> > is
> > > >> > > > >> configured to obtain and use information from the
directory
> > for
> > > >> this
> > > >> > > zone
> > > >> > > > >> and is unable to load the zone without it. Check that the
> > > >> > > > >> Active
> > > >> > > > >> Directory
> > > >> > > > >> is functioning properly and reload the zone. The event
data
> is
> > > > the
> > > >> > > error
> > > >> > > > >> code.
> > > >> > > > >>
> > > >> > > > >> For more information, see Help and Support Center at
> > > >> > > > >> http://go.microsoft.com/fwlink/events.asp.
> > > >> > > > >> Data:
> > > >> > > > >> 0000: 2d 23 00 00 -#..
> > > >> > > > >>
> > > >> > > > >> Brown
> > > >> > > > >> "Roger Abell" <mvpNOSpam@asu.edu> wrote in message
> > > >> > > > >> news:#9C#vFA9EHA.3504@TK2MSFTNGP12.phx.gbl...
> > > >> > > > >>> On the nonSBS mta-server02 try reversing these DNS
> > > >> > > > >>> server settings in its Tcp/Ip properties
> > > >> > > > >>> DNS Servers . . . . . . . . . . . : 192.168.1.98
> > > >> > > > >>>
192.168.1.99
> > > >> > > > >>> so that 1.99 is the first listed DNS server IP
> > > >> > > > >>> (assuming 1.99 is the SBS)
> > > >> > > > >>>
> > > >> > > > >>> Then on the SBS temporarily change the DNS
> > > >> > > > >>> forward zone for MTA-inc.local so that it will
> > > >> > > > >>> allow unsecured dynamic updates instead of only
> > > >> > > > >>> secured dynamic updates. (This is found in the
> > > >> > > > >>> r-click properties of the MTA-inc.local forward
> > > >> > > > >>> zone node - first set focus on the node by clicking
> > > >> > > > >>> and then r-click into its context menu.)
> > > >> > > > >>>
> > > >> > > > >>> Next, on the nonSBS at cmd prompt run these three:
> > > >> > > > >>> ipconfig /registerdns
> > > >> > > > >>> net stop netlogon
> > > >> > > > >>> net start netlogon
> > > >> > > > >>>
> > > >> > > > >>> Take a look into the forward zone for MTA-inc.local
> > > >> > > > >>> in the DNS server on SBS to see if the there are now
> > > >> > > > >>> DNS records for mta-server02 indicating its 1.98 addy,
> > > >> > > > >>>
> > > >> > > > >>> If so, try a reboot of the nonSBS.
> > > >> > > > >>>
> > > >> > > > >>> You will need to remember to set the forward zone
> > > >> > > > >>> back to allowing only secured dynamic updates after
> > > >> > > > >>> you are done. It would be good to leave both DCs
> > > >> > > > >>> set with their DNS servers in Tcp/Ip config set so
> > > >> > > > >>> that they first reference the other and next reference
> > > >> > > > >>> themselves - however, if doing this then both would
> > > >> > > > >>> need to be able to get out to the internet DNS servers.
> > > >> > > > >>>
> > > >> > > > >>>
> > > >> > > > >>> --
> > > >> > > > >>> Roger Abell
> > > >> > > > >>> Microsoft MVP (Windows Security)
> > > >> > > > >>> MCSE (W2k3,W2k,Nt4) MCDBA
> > > >> > > > >>> "Brown" <fbrown@mta-inc.com> wrote in message
> > > >> > > > >>> news:erOKNe$8EHA.2600@TK2MSFTNGP09.phx.gbl...
> > > >> > > > >>> > Here is the ipconfig:
> > > >> > > > >>> > Windows IP Configuration
> > > >> > > > >>> >
> > > >> > > > >>> > Host Name . . . . . . . . . . . . : mta-server02
> > > >> > > > >>> >
> > > >> > > > >>> > Primary Dns Suffix . . . . . . . : MTA-inc.local
> > > >> > > > >>> >
> > > >> > > > >>> > Node Type . . . . . . . . . . . . : Broadcast
> > > >> > > > >>> >
> > > >> > > > >>> > IP Routing Enabled. . . . . . . . : Yes
> > > >> > > > >>> >
> > > >> > > > >>> > WINS Proxy Enabled. . . . . . . . : Yes
> > > >> > > > >>> >
> > > >> > > > >>> > DNS Suffix Search List. . . . . . : MTA-inc.local
> > > >> > > > >>> >
> > > >> > > > >>> > Ethernet adapter Local Area Connection:
> > > >> > > > >>> >
> > > >> > > > >>> > Connection-specific DNS Suffix . :
> > > >> > > > >>> >
> > > >> > > > >>> > Description . . . . . . . . . . . : SiS 900-Based PCI
> Fast
> > > >> > Ethernet
> > > >> > > > >>> Adapter
> > > >> > > > >>> >
> > > >> > > > >>> > Physical Address. . . . . . . . . : 00-0C-6E-AF-F9-6C
> > > >> > > > >>> >
> > > >> > > > >>> > DHCP Enabled. . . . . . . . . . . : No
> > > >> > > > >>> >
> > > >> > > > >>> > IP Address. . . . . . . . . . . . : 192.168.1.98
> > > >> > > > >>> >
> > > >> > > > >>> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > > >> > > > >>> >
> > > >> > > > >>> > Default Gateway . . . . . . . . . : 192.168.1.1
> > > >> > > > >>> >
> > > >> > > > >>> > DNS Servers . . . . . . . . . . . : 192.168.1.98
> > > >> > > > >>> >
> > > >> > > > >>> >
> 192.168.1.99
> > > >> > > > >>> >
> > > >> > > > >>> > Brown
> > > >> > > > >>> >
> > > >> > > > >>> > "Roger Abell" <mvpNOSpam@asu.edu> wrote in message
> > > >> > > > >>> > news:#aebW678EHA.1188@tk2msftngp13.phx.gbl...
> > > >> > > > >>> > > It is not unusual for a DC to fail to authenticate
when
> > it
> > > >> > > > >>> > > has not yet completed becoming a DC.
> > > >> > > > >>> > > The requested output from
> > > >> > > > >>> > > ipconfig /all
> > > >> > > > >>> > > when run on the failing machine would help greatly in
> > > >> > > > >>> > > understanding from the previously provided netdiag
> output
> > > >> > > > >>> > > if there is a simple route to get the initial
> replication
> > > >> > > > >>> > > to
> > > >> > > > >>> > > complete so that the machine can complete its
> promotion.
> > > >> > > > >>> > >
> > > >> > > > >>> > > --
> > > >> > > > >>> > > Roger Abell
> > > >> > > > >>> > > Microsoft MVP (Windows Security)
> > > >> > > > >>> > > MCSE (W2k3,W2k,Nt4) MCDBA
> > > >> > > > >>> > > "Brown" <fbrown@mta-inc.com> wrote in message
> > > >> > > > >>> > > news:uY35RQz8EHA.2540@TK2MSFTNGP09.phx.gbl...
> > > >> > > > >>> > > > In the Event Log I get the folloiwing message:
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > Event Type: Warning
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > Event Source: LSASRV
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > Event Category: SPNEGO (Negotiator)
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > Event ID: 40960
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > Date: 1/5/2005
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > Time: 7:18:18 AM
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > User: N/A
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > Computer: MTA-SERVER02
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > Description:
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > The Security System detected an authentication
error
> > for
> > > > the
> > > >> > > > >>> > > > server
> > > >> > > > >>> > > > cifs/mta-main.MTA-inc.local. The failure code from
> > > >> > > authentication
> > > >> > > > >>> > protocol
> > > >> > > > >>> > > > Kerberos was "The attempted logon is invalid. This
is
> > > > either
> > > >> > due
> > > >> > > > >>> > > > to
> > > >> > > > >> a
> > > >> > > > >>> > bad
> > > >> > > > >>> > > > username or authentication information.
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > (0xc000006d)".
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > For more information, see Help and Support Center
at
> > > >> > > > >>> > > > http://go.microsoft.com/fwlink/events.asp.
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > Data:
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > 0000: 6d 00 00 c0 m..À
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > ----------------
> > > >> > > > >>> > > > Brown
> > > >> > > > >>> > > >
> > > >> > > > >>> > > > "Roger Abell" <mvpNOSpam@asu.edu> wrote in message
> > > >> > > > >>> > > > news:Ot5o7Av8EHA.4004@tk2msftngp13.phx.gbl...
> > > >> > > > >>> > > > > '192.168.1.99' is IP of the SBS ?
> > > >> > > > >>> > > > > Can you clarify for me a little just what you
meant
> > by
> > > >> > > > >>> > > > > > It appears that the name for the Win2K3 on the
> > SBS2K3
> > > >> > server
> > > >> > > > >>> > > > > > is
> > > >> > > > >>> not
> > > >> > > > >>> > in
> > > >> > > > >>> > > > > sync
> > > >> > > > >>> > > > > > with the name on the Win2k3 server, but I
cannot
> > > > locate
> > > >> an
> > > >> > > > >>> occurence
> > > >> > > > >>> > > > where
> > > >> > > > >>> > > > > > it is different.
> > > >> > > > >>> > > > > Names as seen where ?
> > > >> > > > >>> > > > > Can you post output from running, on the failing
> W2k3
> > > >> > (nonSBS)
> > > >> > > > >>> > > > > ipconfig /all
> > > >> > > > >>> > > > >
> > > >> > > > >>> > > > > --
> > > >> > > > >>> > > > > Roger Abell
> > > >> > > > >>> > > > > Microsoft MVP (Windows Security)
> > > >> > > > >>> > > > > MCSE (W2k3,W2k,Nt4) MCDBA
> > > >> > > > >>> > > > > "Brown" <fbrown@mta-inc.com> wrote in message
> > > >> > > > >>> > > > > news:%23acMnep8EHA.2156@TK2MSFTNGP10.phx.gbl...
> > > >> > > > >>> > > > > > OK, I'm back - I have gone through the
> suggestions
> > > >> > > > >>> > > > > > and
> > > >> am
> > > >> > > > >>> > > > > > still
> > > >> > > > >> at
> > > >> > > > >>> a
> > > >> > > > >>> > > > loss.
> > > >> > > > >>> > > > > > Netdiag still shows problems on the Win2K3
> server:
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > Domain membership test . . . . . . : Failed
> > > >> > > > >>> > > > > > [WARNING] Ths system volume has not been
> completely
> > > >> > > replicated
> > > >> > > > >> to
> > > >> > > > >>> > the
> > > >> > > > >>> > > > > local
> > > >> > > > >>> > > > > > machine. This machine is not working properly
as
> a
> > > >> > > > >>> > > > > > DC.
> > > >> > > > >>> > > > > > ------
> > > >> > > > >>> > > > > > DNS test . . . . . . . . . . . . . : Failed
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> MTA-inc.local.
> > > >> > > > >>> re-registeration
> > > >> > > > >>> > on
> > > >> > > > >>> > > > DNS
> > > >> > > > >>> > > > > > server '192.168.1.99' failed.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > DNS Error code: 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> > > >> > > _ldap._tcp.MTA-inc.local.
> > > >> > > > >>> > > > > > re-registeration on DNS server '192.168.1.99'
> > failed.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > DNS Error code: 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> > > >> > > > >>> > > > > >
> > > > _ldap._tcp.Default-First-Site-Name._sites.MTA-inc.local.
> > > >> > > > >>> > > > re-registeration
> > > >> > > > >>> > > > > on
> > > >> > > > >>> > > > > > DNS server '192.168.1.99' failed.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > DNS Error code: 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > >
> > > >> > > > >>> > > >
> > > >> > > > >>> > >
> > > >> > > > >>> >
> > > >> > > > >>>
> > > >> > > > >>
> > > >> > >
> > > >> >
> > > >>
> > > >
> >
>
_ldap._tcp.206600de-fb91-4786-8e91-7db1704af5a3.domains._msdcs.MTA-inc.local
> > > >> > > > >>> > > > > > . re-registeration on DNS server '192.168.1.99'
> > > > failed.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > DNS Error code: 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> > > >> > > > >>> > > > > >
> > > >> 67f85d0b-43cd-47df-948d-1a165f5851d7._msdcs.MTA-inc.local.
> > > >> > > > >>> > > > > re-registeration
> > > >> > > > >>> > > > > > on DNS server '192.168.1.99' failed.DNS Error
> code:
> > > >> > > 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> > > >> > > > >>> > > > > >
> > > > _kerberos._tcp.dc._msdcs.MTA-inc.local.re-registeration
> > > >> on
> > > >> > > DNS
> > > >> > > > >>> > server
> > > >> > > > >>> > > > > > '192.168.1.99' failed.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > DNS Error code: 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> > > >> > > > >>> > > > > >
> > > >> > > > >>> >
> > > >> > >
> > _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.MTA-inc.local.
> > > >> > > > >>> > > > > > re-registeration on DNS server '192.168.1.99'
> > failed.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > DNS Error code: 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> > > >> > > > >>> > > _ldap._tcp.dc._msdcs.MTA-inc.local.
> > > >> > > > >>> > > > > > re-registeration on DNS server '192.168.1.99'
> > failed.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > DNS Error code: 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> > > >> > > > >>> > > > > >
> > > >> > > > >>
> > > > _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.MTA-inc.local.
> > > >> > > > >>> > > > > > re-registeration on DNS server '192.168.1.99'
> > failed.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > DNS Error code: 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> > > >> > > > >> _kerberos._tcp.MTA-inc.local.
> > > >> > > > >>> > > > > > re-registeration on DNS server '192.168.1.99'
> > failed.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > DNS Error code: 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> > > >> > > > >>> > > > > >
> > > >> > _kerberos._tcp.Default-First-Site-Name._sites.MTA-inc.local.
> > > >> > > > >>> > > > > > re-registeration on DNS server '192.168.1.99'
> > failed.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > DNS Error code: 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> > > >> > > > >> _kerberos._udp.MTA-inc.local.
> > > >> > > > >>> > > > > > re-registeration on DNS server '192.168.1.99'
> > failed.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > DNS Error code: 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> > > >> > > > >>> > > > > > _kpasswd._tcp.MTA-inc.local.
> > > >> > > > >>> > > > > > re-registeration on DNS server '192.168.1.99'
> > failed.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > DNS Error code: 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Failed to fix: DC DNS entry
> > > >> > > > >>> > > > > > _kpasswd._udp.MTA-inc.local.
> > > >> > > > >>> > > > > > re-registeration on DNS server '192.168.1.99'
> > failed.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > DNS Error code: 0x00002339
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] Fix Failed: netdiag failed to
re-register
> > > >> missing
> > > >> > > DNS
> > > >> > > > >>> > entries
> > > >> > > > >>> > > > for
> > > >> > > > >>> > > > > > this DC on DNS server '192.168.1.99'.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > [FATAL] No DNS servers have the DNS records for
> > this
> > > > DC
> > > >> > > > >>> registered.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > ------
> > > >> > > > >>> > > > > > DC list test . . . . . . . . . . . : Failed
> > > >> > > > >>> > > > > > [WARNING] Cannot call DsBind to
> > > >> > > > >>> > > > > > mta-main.MTA-inc.local
> > > >> > > > >>> > (192.168.1.99).
> > > >> > > > >>> > > > > [SEC_
> > > >> > > > >>> > > > > > E_WRONG_PRINCIPAL]
> > > >> > > > >>> > > > > > -------
> > > >> > > > >>> > > > > > Trust relationship test. . . . . . : Failed
> > > >> > > > >>> > > > > > [WARNING] Don't have access to test your domain
> sid
> > > > for
> > > >> > > domain
> > > >> > > > >>> > > > 'MTA-INC'.
> > > >> > > > >>> > > > > > [Test skipped]
> > > >> > > > >>> > > > > > [FATAL] Secure channel to domain 'MTA-INC' is
> > broken.
> > > >> > > > >>> > > > > > [ERROR_NO_TRUST_SAM_ACCOUNT]
> > > >> > > > >>> > > > > > -----
> > > >> > > > >>> > > > > > Kerberos test. . . . . . . . . . . : Failed
> > > >> > > > >>> > > > > > [FATAL] Kerberos does not have a ticket for
> > > >> > > > >>> > > > > host/mta-server02.MTA-inc.local.
> > > >> > > > >>> > > > > > -----
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > It appears that the name for the Win2K3 on the
> > SBS2K3
> > > >> > server
> > > >> > > > >>> > > > > > is
> > > >> > > > >>> not
> > > >> > > > >>> > in
> > > >> > > > >>> > > > > sync
> > > >> > > > >>> > > > > > with the name on the Win2k3 server, but I
cannot
> > > > locate
> > > >> an
> > > >> > > > >>> occurence
> > > >> > > > >>> > > > where
> > > >> > > > >>> > > > > > it is different.
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > Brown
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > > "Roger Abell" <mvpNOSpam@asu.edu> wrote in
> message
> > > >> > > > >>> > > > > > news:eiCa33w6EHA.1408@TK2MSFTNGP10.phx.gbl...
> > > >> > > > >>> > > > > > > No problem Frank. Let us know if you did not
> get
> > > >> > > > >>> > > > > > > fixed up by this.
> > > >> > > > >>> > > > > > > BTW, if you can remote into the SBS then you
> > should
> > > >> > > > >>> > > > > > > be able to open a remote desktop to the W2k3
> from
> > > >> > > > >>> > > > > > > within the SBS. Double remote desktop can be
a
> > > > little
> > > >> > > > >>> > > > > > > tedious but does work. Also, you can
configure
> > the
> > > >> > > > >>> > > > > > > SBS to directly mediate remote desktop
> connection
> > > >> > > > >>> > > > > > > to any internal machine should you so choose.
> > > >> > > > >>> > > > > > >
> > > >> > > > >>> > > > > > > --
> > > >> > > > >>> > > > > > > Roger Abell
> > > >> > > > >>> > > > > > > Microsoft MVP (Windows Security)
> > > >> > > > >>> > > > > > > MCSE (W2k3,W2k,Nt4) MCDBA
> > > >> > > > >>> > > > > > > "Brown" <fbrown@knology.net> wrote in message
> > > >> > > > >>> > > > > > >
> news:%23OB%23Mfg6EHA.2032@tk2msftngp13.phx.gbl...
> > > >> > > > >>> > > > > > > > Roger, Thanks for the help. I have run the
> > > > netdiag
> > > >> > /fix
> > > >> > > > >>> > > > > > > > and
> > > >> > > > >>> it
> > > >> > > > >>> > > > looks
> > > >> > > > >>> > > > > > like
> > > >> > > > >>> > > > > > > > it has cleared up some of the problems. I
am
> > > >> > > > >>> > > > > > > > back
> > > >> > home
> > > >> > > > >>> working
> > > >> > > > >>> > > via
> > > >> > > > >>> > > > > the
> > > >> > > > >>> > > > > > > SBS
> > > >> > > > >>> > > > > > > > remote access. The 2K3 machine is not
> > available
> > > >> (part
> > > >> > > of
> > > >> > > > >> the
> > > >> > > > >>> > > > problem)
> > > >> > > > >>> > > > > > so
> > > >> > > > >>> > > > > > > I
> > > >> > > > >>> > > > > > > > will have to try to get back in to the
office
> > to
> > > > do
> > > >> > it.
> > > >> > > I
> > > >> > > > >>> will
> > > >> > > > >>> > be
> > > >> > > > >>> > > > out
> > > >> > > > >>> > > > > > of
> > > >> > > > >>> > > > > > > > touch for several days, and may not be able
> to
> > > >> > > > >>> > > > > > > > get
> > > >> > back
> > > >> > > to
> > > >> > > > >> it
> > > >> > > > >>> > > until
> > > >> > > > >>> > > > > > then.
> > > >> > > > >>> > > > > > > I
> > > >> > > > >>> > > > > > > > have your suggestions, and will see if that
> > takes
> > > >> care
> > > >> > > of
> > > >> > > > >>> > > > > > > > me
> > > >> > > > >>> > when
> > > >> > > > >>> > > I
> > > >> > > > >>> > > > > can
> > > >> > > > >>> > > > > > > get
> > > >> > > > >>> > > > > > > > back on the machine.
> > > >> > > > >>> > > > > > > >
> > > >> > > > >>> > > > > > > > I want to make sure you Steven know how
much
> I
> > > >> > > appreciate
> > > >> > > > >> your
> > > >> > > > >>> > > > > patience
> > > >> > > > >>> > > > > > > and
> > > >> > > > >>> > > > > > > > assistance.
> > > >> > > > >>> > > > > > > >
> > > >> > > > >>> > > > > > > > Frank Brown
> > > >> > > > >>> > > > > > > >
> > > >> > > > >>> > > > > > > >
> > > >> > > > >>> > > > > > > > "Roger Abell" <mvpNOSpam@asu.edu> wrote in
> > > >> > > > >>> > > > > > > > message
> > > >> > > > >>> > > > > > > >
> news:%23v0SqWf6EHA.1392@tk2msftngp13.phx.gbl...
> > > >> > > > >>> > > > > > > > > On the SBS first run
> > > >> > > > >>> > > > > > > > > netdiag /fix
> > > >> > > > >>> > > > > > > > > Verify that the zones supporting the AD
are
> > > >> > configured
> > > >> > > > >>> > > > > > > > > for
> > > >> > > > >>> > > > > > > > > secured dynamic updates allowed. For
this,
> > run
> > > >> the
> > > >> > > DNS
> > > >> > > > >>> > > > > > > > > mgmt UI and highlight each forward zone
> then
> > > >> rclick
> > > >> > > into
> > > >> > > > >>> > > > > > > > > its properties. They should be AD
> integrated
> > > > and
> > > >> > > > >>> > > > > > > > > allowing
> > > >> > > > >>> > > > > > > > > secured dynamic updates.
> > > >> > > > >>> > > > > > > > >
> > > >> > > > >>> > > > > > > > > On the failing W2k3 check that
> > > >> > > > >>> > > > > > > > > - in tcp/ip settings the DNS server is
the
> > SBS
> > > >> > machine
> > > >> > > > >>> > > > > > > > > - in System properties (rclick my
computer,
> > > >> > > properties)
> > > >> > > > >>> > > > > > > > > the full computer name is correct,
right
> > > > domain
> > > >> > > > >>> > > > > > > > > at cmd prompt run
> > > >> > > > >>> > > > > > > > > net stop netlogon
> > > >> > > > >>> > > > > > > > > net start netlogon
> > > >> > > > >>> > > > > > > > > then rerun netdiag to see if it is clean.
> > > >> > > > >>> > > > > > > > >
> > > >> > > > >>> > > > > > > > > Once clean, you will want to install DNS
on
> > the
> > > >> > > > >>> > > > > > > > > second DC (if not already) and have it
host
> > the
> > > >> same
> > > >> > > > >>> > > > > > > > > AD integrated zones as are on the other
DNS
> > > >> service.
> > > >> > > > >>> > > > > > > > >
> > > >> > > > >>> > > > > > > > > optional/advised:
> > > >> > > > >>> > > > > > > > > After you have DNS fault tolerance, you
> > > >> could/should
> > > >> > > > >>> > > > > > > > > configure each DC to point first to the
> other
> > > > and
> > > >> > then
> > > >> > > > >>> > > > > > > > > to itself for DNS services in the Tcp/Ip
> > > >> > > > >>> > > > > > > > > config.
> > > >> > > > >>> > > > > > > > >
> > > >> > > > >>> > > > > > > > > --
> > > >> > > > >>> > > > > > > > > Roger Abell
> > > >> > > > >>> > > > > > > > > Microsoft MVP (Windows Security)
> > > >> > > > >>> > > > > > > > > MCSE (W2k3,W2k,Nt4) MCDBA
> > > >> > > > >>> > > > > > > > > "Brown" <fbrown@mta-inc.com> wrote in
> message
> > > >> > > > >>> > > > > > > > >
> news:OKNECGf6EHA.1204@TK2MSFTNGP10.phx.gbl...
> > > >> > > > >>> > > > > > > > >> OK, I ran dcdiag and netdiag on the 2K3
> > > >> > > > >>> > > > > > > > >> machine
> > > >> > > errors
> > > >> > > > >>> > > > abound ----
> > > >> > > > >>> > > > > > > > >> First: dcdiag > "Although the Guid name
> > > > <string
> > > >> of
> > > >> > > > >>> > > > > > > > >> stuff
> > > >> > > > >>> > here>
> > > >> > > > >>> > > > > > > couldn't
> > > >> > > > >>> > > > > > > > > be
> > > >> > > > >>> > > > > > > > >> resolved, the server name
> > > > (server02.domain.local)
> > > >> > > > >> resolved
> > > >> > > > >>> to
> > > >> > > > >>> > > the
> > > >> > > > >>> > > > > IP
> > > >> > > > >>> > > > > > > > > address
> > > >> > > > >>> > > > > > > > >> (192.168.1.98) and was pingable. Check
> that
> > > > the
> > > >> IP
> > > >> > > > >> address
> > > >> > > > >>> > is
> > > >> > > > >>> > > > > > > registered
> > > >> > > > >>> > > > > > > > >> correctly with the DNS Server."
> > > >> > > > >>> > > > > > > > >> The other tests in dcdiag passed
> > > >> > > > >>> > > > > > > > >> Then: netdiag:> Domain membership test:
> > Failed
> > > >> > > > >>> > > > > > > > >> "[WARNING]
> > > >> > > > >>> The
> > > >> > > > >>> > > > > system
> > > >> > > > >>> > > > > > > > >> volumehas not been completely
replicated
> to
> > > > the
> > > >> > > local
> > > >> > > > >>> > machine.
> > > >> > > > >>> > > > > This
> > > >> > > > >>> > > > > > > > >> machine is not working properly as a
DC."
> > > >> > > > >>> > > > > > > > >> DC test: failed "[WARNING] The DNS
> entries
> > > >> > > > >>> > > > > > > > >> for
> > > >> > this
> > > >> > > DC
> > > >> > > > >> are
> > > >> > > > >>> > not
> > > >> > > > >>> > > > > > > > >> registered
> > > >> > > > >>> > > > > > > > >> correctly on the DNS server
> '192.168.1.99'.
> > > >> Please
> > > >> > > > >>> > > > > > > > >> wait
> > > >> > > > >>> for
> > > >> > > > >>> > 30
> > > >> > > > >>> > > > > > minutes
> > > >> > > > >>> > > > > > > > > for
> > > >> > > > >>> > > > > > > > >> DNS serfver replication. [FATAL] No DNS
> > > > servers
> > > >> > have
> > > >> > > > >>> > > > > > > > >> the
> > > >> > > > >>> DNS
> > > >> > > > >>> > > > > records
> > > >> > > > >>> > > > > > > for
> > > >> > > > >>> > > > > > > > >> this DC registered."
> > > >> > > > >>> > > > > > > > >> DC list test: Failed [WARNING] Cannot
call
> > > > DsBind
> > > >> > to
> > > >> > > > >>> > > > > > main.domain.local
> > > >> > > > >>> > > > > > > > >> (192.168.1.99). [SEC_E_WRONG_PRINCIPAL]
> > > >> > > > >>> > > > > > > > >> Trust Relationship test: Failed ....
> > > >> > > > >>> > > > > > > > >> Kerberos test: Failed........
> > > >> > > > >>> > > > > > > > >>
> > > >> > > > >>> > > > > > > > >> OK, HELP!! Where do I start??
> > > >> > > > >>> > > > > > > > >>
> > > >> > > > >>> > > > > > > > >> Brown
> > > >> > > > >>> > > > > > > > >>
> > > >> > > > >>> > > > > > > > >>
> > > >> > > > >>> > > > > > > > >> "Roger Abell" <mvpNOSpam@asu.edu> wrote
in
> > > >> message
> > > >> > > > >>> > > > > > > > >>
> > news:Oql3Ced6EHA.3124@TK2MSFTNGP11.phx.gbl...
> > > >> > > > >>> > > > > > > > >> > and netdiag and dcdiag have told you
.
> .
> > .
> > > > ?
> > > >> > > > >>> > > > > > > > >> >
> > > >> > > > >>> > > > > > > > >> > --
> > > >> > > > >>> > > > > > > > >> > Roger
> > > >> > > > >>> > > > > > > > >> > "Brown" <fbrown@knology.net> wrote in
> > > >> > > > >>> > > > > > > > >> > message
> > > >> > > > >>> > > > > > > > >> >
> > news:OEn0igV6EHA.2568@TK2MSFTNGP11.phx.gbl...
> > > >> > > > >>> > > > > > > > >> > > The SBS machine has 2 NICs but only
> one
> > is
> > > >> > > active.
> > > >> > > > >> The
> > > >> > > > >>> > > Win2K3
> > > >> > > > >>> > > > > has
> > > >> > > > >>> > > > > > > one
> > > >> > > > >>> > > > > > > > >> NIC.
> > > >> > > > >>> > > > > > > > >> > > DHCP is running on an external
router.
> > > >> > > > >>> > > > > > > > >> > >
> > > >> > > > >>> > > > > > > > >> > > Brown
> > > >> > > > >>> > > > > > > > >> > >
> > > >> > > > >>> > > > > > > > >> > > "Roger Abell" <mvpNOSpam@asu.edu>
> wrote
> > in
> > > >> > > message
> > > >> > > > >>> > > > > > > > >> > >
> > > > news:uZpd85T6EHA.2192@TK2MSFTNGP14.phx.gbl...
> > > >> > > > >>> > > > > > > > >> > > > For DC communications issues your
> > first
> > > >> stop
> > > >> > > shop
> > > >> > > > >> to
> > > >> > > > >>> > > > > > > > >> > > > get hints of what may be amiss is
by
> > > >> running
> > > >> > on
> > > >> > > > >> each
> > > >> > > > >>> DC
> > > >> > > > >>> > > > > > > > >> > > > netdiag and dcdiag utilities
> > (depending
> > > > on
> > > >> > > > >> versions,
> > > >> > > > >>> > you
> > > >> > > > >>> > > > > > > > >> > > > may need to install the optional
> > support
> > > >> > tools
> > > >> > > > >>> > > > > > > > >> > > > from
> > > >> > > > >>
> > > >> > > > >>> the
> > > >> > > > >>> > > > CD).
> > > >> > > > >>> > > > > > > > >> > > >
> > > >> > > > >>> > > > > > > > >> > > > Which, if any, of these machines
are
> > > >> > multihomed
> > > >> > > > >>> > > > > > > > >> > > > (>1
> > > >> > > > >>> > nic)?
> > > >> > > > >>> > > > > > > > >> > > >
> > > >> > > > >>> > > > > > > > >> > > > --
> > > >> > > > >>> > > > > > > > >> > > > Roger Abell
> > > >> > > > >>> > > > > > > > >> > > >
> > > >> > > > >>> > > > > > > > >> > > > "Brown" <fbrown@mta-inc.com> wrote
> in
> > > >> message
> > > >> > > > >>> > > > > > > > >> > > >
> > > >> news:O5OJURP6EHA.4008@TK2MSFTNGP15.phx.gbl...
> > > >> > > > >>> > > > > > > > >> > > >> I tried that, but since it is a
DC
> > > >> (backup)
> > > >> > it
> > > >> > > > >> will
> > > >> > > > >>> > not
> > > >> > > > >>> > > > > allow
> > > >> > > > >>> > > > > > > > >> > > >> this.
> > > >> > > > >>> > > > > > > > >> Is
> > > >> > > > >>> > > > > > > > >> > > >> there any other way to get them
to
> > > >> > > > >>> > > > > > > > >> > > >> shake
> > > >> > > hands?
> > > >> > > > >>> > > > > > > > >> > > >> Brown
> > > >> > > > >>> > > > > > > > >> > > >> "Roger Abell" <mvpNOSpam@asu.edu>
> > wrote
> > > > in
> > > >> > > > >>> > > > > > > > >> > > >> message
> > > >> > > > >>> > > > > > > > >> > > >>
> > > >> > > news:%23deks%23L6EHA.3124@TK2MSFTNGP11.phx.gbl...
> > > >> > > > >>> > > > > > > > >> > > >> > did I actually forget to
mention
> > that
> > > >> you
> > > >> > > > >>> > > > > > > > >> > > >> > could
> > > >> > > > >>> try
> > > >> > > > >>> > > > > > resetting
> > > >> > > > >>> > > > > > > > >> > > >> > the machine account (in AD
Users
> > and
> > > >> > Comps)
> > > >> > > .
> > > >> > > > >>> > > > > > > > >> > > >> > .
> > > >> > > > >> .
> > > >> > > > >>> > > > > > > > >> > > >> >
> > > >> > > > >>> > > > > > > > >> > > >> > --
> > > >> > > > >>> > > > > > > > >> > > >> > Roger Abell
> > > >> > > > >>> > > > > > > > >> > > >> >
> > > >> > > > >>> > > > > > > > >> > > >> > "Brown" <fbrown@mta-inc.com>
> wrote
> > in
> > > >> > > message
> > > >> > > > >>> > > > > > > > >> > > >> >
> > > >> > > news:O2$c8m55EHA.2624@TK2MSFTNGP11.phx.gbl...
> > > >> > > > >>> > > > > > > > >> > > >> >> I am running SBS 2003 Pro
> (MAIN),
> > > > with
> > > >> a
> > > >> > > > >>> > > > > > > > >> > > >> >> Win2K3
> > > >> > > > >>> > > > Standard
> > > >> > > > >>> > > > > > > server
> > > >> > > > >>> > > > > > > > >> > > >> >> (SERVER02)
> > > >> > > > >>> > > > > > > > >> > > >> >> which is providing file server
> and
> > > >> > > > >>> > > > > > > > >> > > >> >> AD
> > > >> > > Backup
> > > >> > > > >>> tasks.
> > > >> > > > >>> > > > > > > > >> > > >> >> I am getting an error messaage
> in
> > > >> > > > >>> > > > > > > > >> > > >> >> the
> > > >> > > System
> > > >> > > > >>> Event
> > > >> > > > >>> > > > > Viewer,
> > > >> > > > >>> > > > > > > > > source
> > > >> > > > >>> > > > > > > > >> > > >> > Netlogon:
> > > >> > > > >>> > > > > > > > >> > > >> >> "The session setup from the
> > computer
> > > >> > > SERVER02
> > > >> > > > >>> > failed
> > > >> > > > >>> > > to
> > > >> > > > >>> > > > > > > > >> > authenticate.
> > > >> > > > >>> > > > > > > > >> > > >> >> The
> > > >> > > > >>> > > > > > > > >> > > >> >> name(s) of the account(s)
> > referenced
> > > > in
> > > >> > the
> > > >> > > > >>> > security
> > > >> > > > >>> > > > > > database
> > > >> > > > >>> > > > > > > > >> > > >> >> is
> > > >> > > > >>> > > > > > > > >> > > >> > SERVER02$.
> > > >> > > > >>> > > > > > > > >> > > >> >> The following error occured:
> > Access
> > > >> > > denied."
> > > >> > > > >>> > > > > > > > >> > > >> >>
> > > >> > > > >>> > > > > > > > >> > > >> >> What do I need to do to
correct
> > > >> > > > >>> > > > > > > > >> > > >> >> this?
> > > >> > > > >>> > > > > > > > >> > > >> >>
> > > >> > > > >>> > > > > > > > >> > > >> >> Brown
> > > >> > > > >>> > > > > > > > >> > > >> >>
> > > >> > > > >>> > > > > > > > >> > > >> >>
> > > >> > > > >>> > > > > > > > >> > > >> >
> > > >> > > > >>> > > > > > > > >> > > >> >
> > > >> > > > >>> > > > > > > > >> > > >>
> > > >> > > > >>> > > > > > > > >> > > >>
> > > >> > > > >>> > > > > > > > >> > > >
> > > >> > > > >>> > > > > > > > >> > > >
> > > >> > > > >>> > > > > > > > >> > >
> > > >> > > > >>> > > > > > > > >> > >
> > > >> > > > >>> > > > > > > > >> >
> > > >> > > > >>> > > > > > > > >> >
> > > >> > > > >>> > > > > > > > >>
> > > >> > > > >>> > > > > > > > >>
> > > >> > > > >>> > > > > > > > >
> > > >> > > > >>> > > > > > > > >
> > > >> > > > >>> > > > > > > >
> > > >> > > > >>> > > > > > > >
> > > >> > > > >>> > > > > > >
> > > >> > > > >>> > > > > > >
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > > >
> > > >> > > > >>> > > > >
> > > >> > > > >>> > > > >
> > > >> > > > >>> > > >
> > > >> > > > >>> > > >
> > > >> > > > >>> > >
> > > >> > > > >>> > >
> > > >> > > > >>> >
> > > >> > > > >>> >
> > > >> > > > >>>
> > > >> > > > >>>
> > > >> > > > >>
> > > >> > > > >>
> > > >> > > > >
> > > >> > > > >
> > > >> > > >
> > > >> > > >
> > > >> > >
> > > >> > >
> > > >> >
> > > >> >
> > > >>
> > > >>
> > > >
> > > >
> > >
> > >
> >
> >
>
>
- Next message: Jeff Cichocki: "Deny rights question"
- Previous message:
: "Re: Changing Global Group to Domain Local Group." - In reply to: Roger Abell: "Re: netlogon error"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
