I bet you one crate to a bottle of German beer that your DNS is out to lunch.
Every time when I've seen this, it always goes away by kicking a DNS server
somewhere. Check your DNS servers.
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.readymaids.com <http://www.readymaids.com> - we know IT
www.akomolafe.com <http://www.akomolafe.com>
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
________________________________
From: [EMAIL PROTECTED] on behalf of Al Lilianstrom
Sent: Wed 5/31/2006 7:53 AM
To: [email protected]
Subject: Re: [ActiveDir] New DC can't find the machine account
Almeida Pinto, Jorge de wrote:
> see if the following helps:
>
http://www.eventid.net/display.asp?eventid=1097&eventno=2126&source=Userenv&p
hase=1
I had run across that page last night.
Time is ok (ntp to local time source)
I don't think that both computer accounts are corrupt as they were ok as
simple servers
I enabled debug logging for the netlogon service and at the same time I
get the userenv events I get
05/31 09:48:22 [CRITICAL] NetpDcHandlePingResponse: test.fnal.gov.:
Netlogon is paused on the server. 0x14
al
> Met vriendelijke groeten / Kind regards,
> Ing. Jorge de Almeida Pinto
> Senior Infrastructure Consultant
> MVP Windows Server - Directory Services
>
> LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
> ( Tel : +31-(0)40-29.57.777
> ( Mobile : +31-(0)6-26.26.62.80
> * E-mail : <see sender address>
>
> ________________________________
>
> From: [EMAIL PROTECTED] on behalf of Al Lilianstrom
> Sent: Wed 2006-05-31 15:37
> To: [email protected]
> Subject: [ActiveDir] New DC can't find the machine account
>
>
>
> Hi,
>
> I have a Windows 2000 based AD (empty root with 1 child domain) that I'm
> in the process of upgrading to w2003r2 as a test for our production
> domain (same configuration). The adprep went fine as well as the dcpromo
> of the new DC. However when the new DC reboots I get the following
> messages in the application log:
>
> EVENT TYPE Error
> SOURCE Userenv
> EVENT ID 1097
> Windows cannot find the machine account, The Local Security Authority
> cannot be contacted .
>
> and
>
> EVENT TYPE Error
> SOURCE Userenv
> EVENT ID 1030
> Windows cannot query for the list of Group Policy objects. Check the
> event log for possible messages previously logged by the policy engine
> that describes the reason for this.
>
> Neither system has these messages when they were simple servers in the
> domain. They were rebooted several times before becoming DCs to make
> sure the event logs were clean.
>
> They seem to be functioning as DCs. File replication with the orginal
> w2k dc took a long time to start up.
>
> I added a second w2k3 r2 DC and it is showing the exact same messages.
> Both machines were created from the same sysprep image - the machine
> that was built as the basis for the sysprep image was never in the domain.
>
> I've been searching Microsoft and came up with one or two applicable
> docs. One said to make sure that services like netlogon were set to
> automatic (it is). Another had settings for enabling debug on the
> netlogon service which I implemented. All that I see in there is
> netlogon pausing.
>
> Any ideas?
>
> al
> --
--
Al Lilianstrom
CD/CSS/CSI
[EMAIL PROTECTED]
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
