[EMAIL PROTECTED] wrote:
I bet you one crate to a bottle of German beer that your DNS is out to lunch.
Every time when I've seen this, it always goes away by kicking a DNS server
somewhere. Check your DNS servers.
I talked to the networking people and the DNS server that is used for
our test domains is a couple of major releases out of date and running
on really crap hardware.
Building him a new server...
Thanks for all the help.
al
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.readymaids.com <http://www.readymaids.com> - we know IT
www.akomolafe.com <http://www.akomolafe.com>
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
________________________________
From: [EMAIL PROTECTED] on behalf of Al Lilianstrom
Sent: Wed 5/31/2006 7:53 AM
To: [email protected]
Subject: Re: [ActiveDir] New DC can't find the machine account
Almeida Pinto, Jorge de wrote:
see if the following helps:
http://www.eventid.net/display.asp?eventid=1097&eventno=2126&source=Userenv&p
hase=1
I had run across that page last night.
Time is ok (ntp to local time source)
I don't think that both computer accounts are corrupt as they were ok as
simple servers
I enabled debug logging for the netlogon service and at the same time I
get the userenv events I get
05/31 09:48:22 [CRITICAL] NetpDcHandlePingResponse: test.fnal.gov.:
Netlogon is paused on the server. 0x14
al
Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services
LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
( Tel : +31-(0)40-29.57.777
( Mobile : +31-(0)6-26.26.62.80
* E-mail : <see sender address>
________________________________
From: [EMAIL PROTECTED] on behalf of Al Lilianstrom
Sent: Wed 2006-05-31 15:37
To: [email protected]
Subject: [ActiveDir] New DC can't find the machine account
Hi,
I have a Windows 2000 based AD (empty root with 1 child domain) that I'm
in the process of upgrading to w2003r2 as a test for our production
domain (same configuration). The adprep went fine as well as the dcpromo
of the new DC. However when the new DC reboots I get the following
messages in the application log:
EVENT TYPE Error
SOURCE Userenv
EVENT ID 1097
Windows cannot find the machine account, The Local Security Authority
cannot be contacted .
and
EVENT TYPE Error
SOURCE Userenv
EVENT ID 1030
Windows cannot query for the list of Group Policy objects. Check the
event log for possible messages previously logged by the policy engine
that describes the reason for this.
Neither system has these messages when they were simple servers in the
domain. They were rebooted several times before becoming DCs to make
sure the event logs were clean.
They seem to be functioning as DCs. File replication with the orginal
w2k dc took a long time to start up.
I added a second w2k3 r2 DC and it is showing the exact same messages.
Both machines were created from the same sysprep image - the machine
that was built as the basis for the sysprep image was never in the domain.
I've been searching Microsoft and came up with one or two applicable
docs. One said to make sure that services like netlogon were set to
automatic (it is). Another had settings for enabling debug on the
netlogon service which I implemented. All that I see in there is
netlogon pausing.
Any ideas?
al
--
--
Al Lilianstrom
CD/CSS/CSI
[EMAIL PROTECTED]
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
--
Al Lilianstrom
CD/CSS/CSI
[EMAIL PROTECTED]
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
