Guest Fat Frog Posted April 29, 2008 Posted April 29, 2008 Hello. I am having problem on a member server running Windows Server 2003 SP1. It took 30 minutes to log on to the domain after a reboot. The server seemed to be forever hanging at "applying settings..." before it finally connected to the domain. I found a lot of errors with event ID 1053, source: userenv. "Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted.) Group Policy processing aborted." ____________________ Running netdiag.ext shows some errors: Testing trust relationships... Failed Testing Kerberos authentication... Failed DC discovery test. . . . . . . . . : Failed Find DC in domain 'MyDomainName': [FATAL] Cannot find DC in domain 'MyDomainName'. [ERROR_NO_SUCH_DOMAIN] DC list test . . . . . . . . . . . : Failed 'MyDomainName': Cannot find DC to get DC list from [test skipped]. List of DCs in Domain 'MyDomainName': Trust relationship test. . . . . . : Failed Test to ensure DomainSid of domain 'MyDomainName' is correct. 'MyDomainName': Cannot find DC to get DC list from [test skipped]. [FATAL] Secure channel to domain 'MyDomainName' is broken. [ERROR_NO_LOGON_SERVERS] Kerberos test. . . . . . . . . . . : Skipped 'MyDomainName': Cannot find DC to get DC list from [test skipped]. LDAP test. . . . . . . . . . . . . : Failed Cannot find DC to run LDAP tests on. The error occurred was: The specified domain either does not exist or could not be contacted. Find DC in domain 'MyDomainName': [WARNING] Cannot find DC in domain 'MyDomainName'. [ERROR_NO_SUCH_DOMAIN] ________________ MS Help says: To verify that the domain controller can be contacted through Domain Name System (DNS), try to access \\mydomain.com\sysvol\mydomain.com, where mydomain.com is the fully qualified DNS name of your domain. This test also failed. ________________ I tried to connect to this server from a couple of client computers. One client is ok. The other client got the following: The Mapped network drive could not be created because the following error has occurred: The specified network name is no longer available. When I tried to connect to it via UNC, it also errored out: There are currently no logon servers available to service the logon request. Sorry for the long post. Thanks for your help. TL
Guest Meinolf Weber Posted April 29, 2008 Posted April 29, 2008 Re: domain logon issue Hello Fat, Please post an unedited ipconfig /all from the DC/DNS and the member server. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > Hello. > > I am having problem on a member server running Windows Server 2003 > SP1. > > It took 30 minutes to log on to the domain after a reboot. The server > seemed to be forever hanging at "applying settings..." before it > finally connected to the domain. > > I found a lot of errors with event ID 1053, source: userenv. "Windows > cannot determine the user or computer name. (The specified domain > either does not exist or could not be contacted.) Group Policy > processing aborted." ____________________ > > Running netdiag.ext shows some errors: > > Testing trust relationships... Failed > Testing Kerberos authentication... Failed > DC discovery test. . . . . . . . . : Failed > Find DC in domain 'MyDomainName': > [FATAL] Cannot find DC in domain 'MyDomainName'. > [ERROR_NO_SUCH_DOMAIN] > > DC list test . . . . . . . . . . . : Failed > 'MyDomainName': Cannot find DC to get DC list from [test > skipped]. > List of DCs in Domain 'MyDomainName': > Trust relationship test. . . . . . : Failed > Test to ensure DomainSid of domain 'MyDomainName' is correct. > 'MyDomainName': Cannot find DC to get DC list from [test skipped]. > [FATAL] Secure channel to domain 'MyDomainName' is broken. > [ERROR_NO_LOGON_SERVERS] > > Kerberos test. . . . . . . . . . . : Skipped > 'MyDomainName': Cannot find DC to get DC list from [test > skipped]. > LDAP test. . . . . . . . . . . . . : Failed > Cannot find DC to run LDAP tests on. The error occurred was: The > specified domain either does not exist or could not be contacted. > > Find DC in domain 'MyDomainName': > > [WARNING] Cannot find DC in domain 'MyDomainName'. > [ERROR_NO_SUCH_DOMAIN] > ________________ > MS Help says: > > To verify that the domain controller can be contacted through Domain > Name System (DNS), try to access \\mydomain.com\sysvol\mydomain.com, > where mydomain.com is the fully qualified DNS name of your domain. > > This test also failed. > ________________ > I tried to connect to this server from a couple of client computers. > One client is ok. > > The other client got the following: > > The Mapped network drive could not be created because the following > error has occurred: The specified network name is no longer available. > > When I tried to connect to it via UNC, it also errored out: There are > currently no logon servers available to service the logon request. > > Sorry for the long post. > Thanks for your help. > TL
Guest Morgan che Posted April 29, 2008 Posted April 29, 2008 RE: domain logon issue Hi, Thanks for posting here. From your description, I understand the domain member server running Windows Server 2003 SP1 takes 30 minutes to log on domain and you found the Event ID 1053 in this problematic member server. Analysis and suggestion: ====================== From the Dcdiag output, I suspect this error may caused by the failure of DNS resolution. When client queried SRV record on DNS to locate a domain controller, the DNS fails to respond the corresponding name resolution or respond the incorrect name resolution. Please verify that if this computer is connected to the network, configure the correct DNS server IP addresses, and at least one of the DNS servers is running. If you use AD-integrated DNS, please make sure the DNS setting on the current machine points to the DC. If you use standalone DNS, please make sure you have correctly pointed to this DNS server. Also, please check if the DC you attempt to logon is running. If so, please restart netlogon services on this DC to register the corresponding SRV record on DNS and test the result. After doing this, if this issue still persists. To further narrow down this issue, please assist me to collect the following informatiuon and send me via v-morche@microsoft.com: 1. How many computers are facing this problem? 2. Are there local DCs in the same subnet as the problematic computer? Logs collection: 1. please run "Dcdiag /a /v > C:\dcdiag.log" on the current domain controller. Note: we need to install the Windows 2003 support tools in the path of X:\Support\Tools\Support.msi of the Windows 2003 installation disc 2. please run "Netdiag /v > C:\netdiag.log" on the current domain controller. Note: we need to install the Windows 2003 support tools in the path of X:\Support\Tools\Support.msi of the Windows 2003 installation disc 3. Collect Userenv.log Please do as following steps on these problematic computer to obtain detailed troubleshooting information from the user environment debug log. a. Start Registry Editor. b. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon c. Right-click and new add DWORD(32-bit) with the Value of "UserEnvDebugLevel" d. Type in 100002(Hexadecimal) or 65538(Decimal) in the Value data box, and then click OK. e. Reboot the problematic computer to make the change take into effect. The Userenv.log is located in the folder: %SYSTEMDRIVE%\Debug\UserMode\ 4. Collect Winlogon.log Please do as following steps on these problematic computer to enable winlogon.log as the delay occurs during computer startup: a. Start Registry Editor (Regedit.exe) b. Locate and click the following key in the registry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83 A}. Please note: The above registry key is one path; it has been wrapped for readability. c. Edit the following registry value: Value name: ExtensionDebugLevel Data type: DWORD Value data: 2 d. Quit Registry Editor e. Reboot the computer The Winlogon.log file is created in the folder %systermroot% \Security\Logs Thanks for your time in advance. After receiving this requested information, I will do further research and get back to you with my suggestion. Have a good day! Sincerely Morgan Che Microsoft Online Support Microsoft Global Technical Support Center Get Secure! - http://www.microsoft.com/security ===================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ===================================================== This posting is provided "AS IS" with no warranties, and confers no rights. -------------------- --->From: "Fat Frog" <FatFrog@newsgroup.nospam> --->Subject: domain logon issue --->Date: Mon, 28 Apr 2008 22:12:21 -0400 --->Lines: 74 --->X-Priority: 3 --->X-MSMail-Priority: Normal --->X-Newsreader: Microsoft Outlook Express 6.00.2900.3138 --->X-RFC2646: Format=Flowed; Original --->X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198 --->Message-ID: <eHbg25ZqIHA.4928@TK2MSFTNGP04.phx.gbl> --->Newsgroups: microsoft.public.windows.server.general --->NNTP-Posting-Host: gateway.jabil.com 198.51.174.14 --->Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP04.phx.gbl --->Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.general:37351 --->X-Tomcat-NG: microsoft.public.windows.server.general ---> --->Hello. ---> --->I am having problem on a member server running Windows Server 2003 SP1. ---> --->It took 30 minutes to log on to the domain after a reboot. The server seemed --->to be forever hanging at "applying settings..." before it finally connected --->to the domain. ---> --->I found a lot of errors with event ID 1053, source: userenv. "Windows cannot --->determine the user or computer name. (The specified domain either does not --->exist or could not be contacted.) Group Policy processing aborted." --->____________________ ---> --->Running netdiag.ext shows some errors: ---> --->Testing trust relationships... Failed --->Testing Kerberos authentication... Failed ---> --->DC discovery test. . . . . . . . . : Failed ---> Find DC in domain 'MyDomainName': ---> ---> [FATAL] Cannot find DC in domain 'MyDomainName'. --->[ERROR_NO_SUCH_DOMAIN] ---> --->DC list test . . . . . . . . . . . : Failed ---> 'MyDomainName': Cannot find DC to get DC list from [test skipped]. ---> List of DCs in Domain 'MyDomainName': ---> --->Trust relationship test. . . . . . : Failed ---> Test to ensure DomainSid of domain 'MyDomainName' is correct. ---> 'MyDomainName': Cannot find DC to get DC list from [test skipped]. ---> ---> [FATAL] Secure channel to domain 'MyDomainName' is broken. --->[ERROR_NO_LOGON_SERVERS] ---> --->Kerberos test. . . . . . . . . . . : Skipped ---> 'MyDomainName': Cannot find DC to get DC list from [test skipped]. --->LDAP test. . . . . . . . . . . . . : Failed ---> ---> Cannot find DC to run LDAP tests on. The error occurred was: The --->specified domain either does not exist or could not be contacted. ---> ---> Find DC in domain 'MyDomainName': ---> ---> [WARNING] Cannot find DC in domain 'MyDomainName'. --->[ERROR_NO_SUCH_DOMAIN] --->________________ ---> --->MS Help says: ---> --->To verify that the domain controller can be contacted through Domain Name --->System (DNS), try to access \\mydomain.com\sysvol\mydomain.com, where --->mydomain.com is the fully qualified DNS name of your domain. ---> --->This test also failed. --->________________ ---> --->I tried to connect to this server from a couple of client computers. One --->client is ok. ---> --->The other client got the following: ---> --->The Mapped network drive could not be created because the following error --->has occurred: The specified network name is no longer available. ---> --->When I tried to connect to it via UNC, it also errored out: --->There are currently no logon servers available to service the logon request. ---> --->Sorry for the long post. --->Thanks for your help. --->TL ---> ---> ---> --->
Guest Fat Frog Posted April 29, 2008 Posted April 29, 2008 Re: domain logon issue Thanks so much for the detailed help and instructions. So I first checked the DNS servers' IP addresses, and see if they were entered correctly. As it turned out, both the primary and the secondary DNS servers' IP addresses had been wrong. They were the old ones, pointing to one that's no longer a DNS server, and two that's been retired. I have changed the DNS servers' IP addresses, and ran netdiag.exe, and it now shows "PASSED" where it showed "Failed" before: Testing DNS Testing redirector and browser... Passed Testing DC discovery. Looking for a DC Looking for a PDC emulator Looking for an Active Directory DC Gathering the list of Domain Controllers for domain 'MyDomainName' Testing trust relationships... Passed Testing Kerberos authentication... Passed I will keep an eye on the 1053 error in the event log, but so far I haven't seen one. This is a production server. I will not be able to reboot it till the weekend. I will post back if there is anything else regarding this issue. Thanks again. TL "Morgan che(MSFT)" <v-morche@online.microsoft.com> wrote in message news:OLabOleqIHA.4284@TK2MSFTNGHUB02.phx.gbl... > Hi, > > Thanks for posting here. > > From your description, I understand the domain member server running > Windows Server 2003 SP1 takes 30 minutes to log on domain and you found > the > Event ID 1053 in this problematic member server. > > Analysis and suggestion: > ====================== > > From the Dcdiag output, I suspect this error may caused by the failure of > DNS resolution. When client queried SRV record on DNS to locate a domain > controller, the DNS fails to respond the corresponding name resolution or > respond the incorrect name resolution. > > Please verify that if this computer is connected to the network, configure > the correct DNS server IP addresses, and at least one of the DNS servers > is > running. If you use AD-integrated DNS, please make sure the DNS setting on > the current machine points to the DC. If you use standalone DNS, please > make sure you have correctly pointed to this DNS server. > > Also, please check if the DC you attempt to logon is running. If so, > please > restart netlogon services on this DC to register the corresponding SRV > record on DNS and test the result. > > After doing this, if this issue still persists. To further narrow down > this > issue, please assist me to collect the following informatiuon and send me > via v-morche@microsoft.com: > > 1. How many computers are facing this problem? > > 2. Are there local DCs in the same subnet as the problematic computer? > > > Logs collection: > > 1. please run "Dcdiag /a /v > C:\dcdiag.log" on the current domain > controller. > > Note: we need to install the Windows 2003 support tools in the path of > X:\Support\Tools\Support.msi of the Windows 2003 installation disc > > 2. please run "Netdiag /v > C:\netdiag.log" on the current domain > controller. > > Note: we need to install the Windows 2003 support tools in the path of > X:\Support\Tools\Support.msi of the Windows 2003 installation disc > > 3. Collect Userenv.log > > Please do as following steps on these problematic computer to obtain > detailed troubleshooting information from the user environment debug log. > > a. Start Registry Editor. > > b. Locate and then click the following registry subkey: > > HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon > > c. Right-click and new add DWORD(32-bit) with the Value of > "UserEnvDebugLevel" > > d. Type in 100002(Hexadecimal) or 65538(Decimal) in the Value data box, > and > then click OK. > > e. Reboot the problematic computer to make the change take into effect. > > The Userenv.log is located in the folder: %SYSTEMDRIVE%\Debug\UserMode\ > > 4. Collect Winlogon.log > > Please do as following steps on these problematic computer to enable > winlogon.log as the delay occurs during computer startup: > > a. Start Registry Editor (Regedit.exe) > > b. Locate and click the following key in the registry: > > HKEY_LOCAL_MACHINE\Software\Microsoft\Windows > NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83 > A}. > > Please note: The above registry key is one path; it has been wrapped for > readability. > > c. Edit the following registry value: > > Value name: ExtensionDebugLevel > > Data type: DWORD > > Value data: 2 > > d. Quit Registry Editor > > e. Reboot the computer > > The Winlogon.log file is created in the folder %systermroot% > \Security\Logs > > Thanks for your time in advance. After receiving this requested > information, I will do further research and get back to you with my > suggestion. > > Have a good day! > > > Sincerely > Morgan Che > Microsoft Online Support > Microsoft Global Technical Support Center > > Get Secure! - http://www.microsoft.com/security > ===================================================== > When responding to posts, please "Reply to Group" via your newsreader so > that others may learn and benefit from your issue. > ===================================================== > This posting is provided "AS IS" with no warranties, and confers no > rights. > > > -------------------- > --->From: "Fat Frog" <FatFrog@newsgroup.nospam> > --->Subject: domain logon issue > --->Date: Mon, 28 Apr 2008 22:12:21 -0400 > --->Lines: 74 > --->X-Priority: 3 > --->X-MSMail-Priority: Normal > --->X-Newsreader: Microsoft Outlook Express 6.00.2900.3138 > --->X-RFC2646: Format=Flowed; Original > --->X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198 > --->Message-ID: <eHbg25ZqIHA.4928@TK2MSFTNGP04.phx.gbl> > --->Newsgroups: microsoft.public.windows.server.general > --->NNTP-Posting-Host: gateway.jabil.com 198.51.174.14 > --->Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP04.phx.gbl > --->Xref: TK2MSFTNGHUB02.phx.gbl > microsoft.public.windows.server.general:37351 > --->X-Tomcat-NG: microsoft.public.windows.server.general > ---> > --->Hello. > ---> > --->I am having problem on a member server running Windows Server 2003 > SP1. > ---> > --->It took 30 minutes to log on to the domain after a reboot. The server > seemed > --->to be forever hanging at "applying settings..." before it finally > connected > --->to the domain. > ---> > --->I found a lot of errors with event ID 1053, source: userenv. "Windows > cannot > --->determine the user or computer name. (The specified domain either does > not > --->exist or could not be contacted.) Group Policy processing aborted." > --->____________________ > ---> > --->Running netdiag.ext shows some errors: > ---> > --->Testing trust relationships... Failed > --->Testing Kerberos authentication... Failed > ---> > --->DC discovery test. . . . . . . . . : Failed > ---> Find DC in domain 'MyDomainName': > ---> > ---> [FATAL] Cannot find DC in domain 'MyDomainName'. > --->[ERROR_NO_SUCH_DOMAIN] > ---> > --->DC list test . . . . . . . . . . . : Failed > ---> 'MyDomainName': Cannot find DC to get DC list from [test > skipped]. > ---> List of DCs in Domain 'MyDomainName': > ---> > --->Trust relationship test. . . . . . : Failed > ---> Test to ensure DomainSid of domain 'MyDomainName' is correct. > ---> 'MyDomainName': Cannot find DC to get DC list from [test skipped]. > ---> > ---> [FATAL] Secure channel to domain 'MyDomainName' is broken. > --->[ERROR_NO_LOGON_SERVERS] > ---> > --->Kerberos test. . . . . . . . . . . : Skipped > ---> 'MyDomainName': Cannot find DC to get DC list from [test > skipped]. > --->LDAP test. . . . . . . . . . . . . : Failed > ---> > ---> Cannot find DC to run LDAP tests on. The error occurred was: The > --->specified domain either does not exist or could not be contacted. > ---> > ---> Find DC in domain 'MyDomainName': > ---> > ---> [WARNING] Cannot find DC in domain 'MyDomainName'. > --->[ERROR_NO_SUCH_DOMAIN] > --->________________ > ---> > --->MS Help says: > ---> > --->To verify that the domain controller can be contacted through Domain > Name > --->System (DNS), try to access \\mydomain.com\sysvol\mydomain.com, where > --->mydomain.com is the fully qualified DNS name of your domain. > ---> > --->This test also failed. > --->________________ > ---> > --->I tried to connect to this server from a couple of client computers. > One > --->client is ok. > ---> > --->The other client got the following: > ---> > --->The Mapped network drive could not be created because the following > error > --->has occurred: The specified network name is no longer available. > ---> > --->When I tried to connect to it via UNC, it also errored out: > --->There are currently no logon servers available to service the logon > request. > ---> > --->Sorry for the long post. > --->Thanks for your help. > --->TL > ---> > ---> > ---> > ---> >
Guest Morgan che Posted April 30, 2008 Posted April 30, 2008 Re: domain logon issue Hi, Thanks for letting us know that my suggestion works. I appreciate your time and effort in keeping it monitored. Please do not hesitate to let me know if this problem reoccurs. Thank you and have a nice day! Sincerely Morgan Che Microsoft Online Support Microsoft Global Technical Support Center Get Secure! - http://www.microsoft.com/security ===================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ===================================================== This posting is provided "AS IS" with no warranties, and confers no rights. -------------------- --->From: "Fat Frog" <FatFrog@newsgroup.nospam> --->References: <eHbg25ZqIHA.4928@TK2MSFTNGP04.phx.gbl> <OLabOleqIHA.4284@TK2MSFTNGHUB02.phx.gbl> --->Subject: Re: domain logon issue --->Date: Tue, 29 Apr 2008 19:26:50 -0400 --->Lines: 266 --->X-Priority: 3 --->X-MSMail-Priority: Normal --->X-Newsreader: Microsoft Outlook Express 6.00.2900.3138 --->X-RFC2646: Format=Flowed; Original --->X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198 --->Message-ID: <eUHyDClqIHA.3508@TK2MSFTNGP03.phx.gbl> --->Newsgroups: microsoft.public.windows.server.general --->NNTP-Posting-Host: gateway.jabil.com 198.51.174.14 --->Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP03.phx.gbl --->Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.general:37428 --->X-Tomcat-NG: microsoft.public.windows.server.general ---> --->Thanks so much for the detailed help and instructions. ---> --->So I first checked the DNS servers' IP addresses, and see if they were --->entered correctly. As it turned out, both the primary and the secondary DNS --->servers' IP addresses had been wrong. They were the old ones, pointing to --->one that's no longer a DNS server, and two that's been retired. ---> --->I have changed the DNS servers' IP addresses, and ran netdiag.exe, and it --->now shows "PASSED" where it showed "Failed" before: ---> ---> Testing DNS ---> Testing redirector and browser... Passed ---> Testing DC discovery. ---> Looking for a DC ---> Looking for a PDC emulator ---> Looking for an Active Directory DC ---> Gathering the list of Domain Controllers for domain 'MyDomainName' ---> Testing trust relationships... Passed ---> Testing Kerberos authentication... Passed ---> --->I will keep an eye on the 1053 error in the event log, but so far I haven't --->seen one. This is a production server. I will not be able to reboot it till --->the weekend. I will post back if there is anything else regarding this --->issue. ---> --->Thanks again. --->TL ---> ---> ---> --->"Morgan che(MSFT)" <v-morche@online.microsoft.com> wrote in message --->news:OLabOleqIHA.4284@TK2MSFTNGHUB02.phx.gbl... --->> Hi, --->> --->> Thanks for posting here. --->> --->> From your description, I understand the domain member server running --->> Windows Server 2003 SP1 takes 30 minutes to log on domain and you found --->> the --->> Event ID 1053 in this problematic member server. --->> --->> Analysis and suggestion: --->> ====================== --->> --->> From the Dcdiag output, I suspect this error may caused by the failure of --->> DNS resolution. When client queried SRV record on DNS to locate a domain --->> controller, the DNS fails to respond the corresponding name resolution or --->> respond the incorrect name resolution. --->> --->> Please verify that if this computer is connected to the network, configure --->> the correct DNS server IP addresses, and at least one of the DNS servers --->> is --->> running. If you use AD-integrated DNS, please make sure the DNS setting on --->> the current machine points to the DC. If you use standalone DNS, please --->> make sure you have correctly pointed to this DNS server. --->> --->> Also, please check if the DC you attempt to logon is running. If so, --->> please --->> restart netlogon services on this DC to register the corresponding SRV --->> record on DNS and test the result. --->> --->> After doing this, if this issue still persists. To further narrow down --->> this --->> issue, please assist me to collect the following informatiuon and send me --->> via v-morche@microsoft.com: --->> --->> 1. How many computers are facing this problem? --->> --->> 2. Are there local DCs in the same subnet as the problematic computer? --->> --->> --->> Logs collection: --->> --->> 1. please run "Dcdiag /a /v > C:\dcdiag.log" on the current domain --->> controller. --->> --->> Note: we need to install the Windows 2003 support tools in the path of --->> X:\Support\Tools\Support.msi of the Windows 2003 installation disc --->> --->> 2. please run "Netdiag /v > C:\netdiag.log" on the current domain --->> controller. --->> --->> Note: we need to install the Windows 2003 support tools in the path of --->> X:\Support\Tools\Support.msi of the Windows 2003 installation disc --->> --->> 3. Collect Userenv.log --->> --->> Please do as following steps on these problematic computer to obtain --->> detailed troubleshooting information from the user environment debug log. --->> --->> a. Start Registry Editor. --->> --->> b. Locate and then click the following registry subkey: --->> --->> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon --->> --->> c. Right-click and new add DWORD(32-bit) with the Value of --->> "UserEnvDebugLevel" --->> --->> d. Type in 100002(Hexadecimal) or 65538(Decimal) in the Value data box, --->> and --->> then click OK. --->> --->> e. Reboot the problematic computer to make the change take into effect. --->> --->> The Userenv.log is located in the folder: %SYSTEMDRIVE%\Debug\UserMode\ --->> --->> 4. Collect Winlogon.log --->> --->> Please do as following steps on these problematic computer to enable --->> winlogon.log as the delay occurs during computer startup: --->> --->> a. Start Registry Editor (Regedit.exe) --->> --->> b. Locate and click the following key in the registry: --->> --->> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows --->> NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83 --->> A}. --->> --->> Please note: The above registry key is one path; it has been wrapped for --->> readability. --->> --->> c. Edit the following registry value: --->> --->> Value name: ExtensionDebugLevel --->> --->> Data type: DWORD --->> --->> Value data: 2 --->> --->> d. Quit Registry Editor --->> --->> e. Reboot the computer --->> --->> The Winlogon.log file is created in the folder %systermroot% --->> \Security\Logs --->> --->> Thanks for your time in advance. After receiving this requested --->> information, I will do further research and get back to you with my --->> suggestion. --->> --->> Have a good day! --->> --->> --->> Sincerely --->> Morgan Che --->> Microsoft Online Support --->> Microsoft Global Technical Support Center --->> --->> Get Secure! - http://www.microsoft.com/security --->> ===================================================== --->> When responding to posts, please "Reply to Group" via your newsreader so --->> that others may learn and benefit from your issue. --->> ===================================================== --->> This posting is provided "AS IS" with no warranties, and confers no --->> rights. --->> --->> --->> -------------------- --->> --->From: "Fat Frog" <FatFrog@newsgroup.nospam> --->> --->Subject: domain logon issue --->> --->Date: Mon, 28 Apr 2008 22:12:21 -0400 --->> --->Lines: 74 --->> --->X-Priority: 3 --->> --->X-MSMail-Priority: Normal --->> --->X-Newsreader: Microsoft Outlook Express 6.00.2900.3138 --->> --->X-RFC2646: Format=Flowed; Original --->> --->X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198 --->> --->Message-ID: <eHbg25ZqIHA.4928@TK2MSFTNGP04.phx.gbl> --->> --->Newsgroups: microsoft.public.windows.server.general --->> --->NNTP-Posting-Host: gateway.jabil.com 198.51.174.14 --->> --->Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP04.phx.gbl --->> --->Xref: TK2MSFTNGHUB02.phx.gbl --->> microsoft.public.windows.server.general:37351 --->> --->X-Tomcat-NG: microsoft.public.windows.server.general --->> ---> --->> --->Hello. --->> ---> --->> --->I am having problem on a member server running Windows Server 2003 --->> SP1. --->> ---> --->> --->It took 30 minutes to log on to the domain after a reboot. The server --->> seemed --->> --->to be forever hanging at "applying settings..." before it finally --->> connected --->> --->to the domain. --->> ---> --->> --->I found a lot of errors with event ID 1053, source: userenv. "Windows --->> cannot --->> --->determine the user or computer name. (The specified domain either does --->> not --->> --->exist or could not be contacted.) Group Policy processing aborted." --->> --->____________________ --->> ---> --->> --->Running netdiag.ext shows some errors: --->> ---> --->> --->Testing trust relationships... Failed --->> --->Testing Kerberos authentication... Failed --->> ---> --->> --->DC discovery test. . . . . . . . . : Failed --->> ---> Find DC in domain 'MyDomainName': --->> ---> --->> ---> [FATAL] Cannot find DC in domain 'MyDomainName'. --->> --->[ERROR_NO_SUCH_DOMAIN] --->> ---> --->> --->DC list test . . . . . . . . . . . : Failed --->> ---> 'MyDomainName': Cannot find DC to get DC list from [test --->> skipped]. --->> ---> List of DCs in Domain 'MyDomainName': --->> ---> --->> --->Trust relationship test. . . . . . : Failed --->> ---> Test to ensure DomainSid of domain 'MyDomainName' is correct. --->> ---> 'MyDomainName': Cannot find DC to get DC list from [test skipped]. --->> ---> --->> ---> [FATAL] Secure channel to domain 'MyDomainName' is broken. --->> --->[ERROR_NO_LOGON_SERVERS] --->> ---> --->> --->Kerberos test. . . . . . . . . . . : Skipped --->> ---> 'MyDomainName': Cannot find DC to get DC list from [test --->> skipped]. --->> --->LDAP test. . . . . . . . . . . . . : Failed --->> ---> --->> ---> Cannot find DC to run LDAP tests on. The error occurred was: The --->> --->specified domain either does not exist or could not be contacted. --->> ---> --->> ---> Find DC in domain 'MyDomainName': --->> ---> --->> ---> [WARNING] Cannot find DC in domain 'MyDomainName'. --->> --->[ERROR_NO_SUCH_DOMAIN] --->> --->________________ --->> ---> --->> --->MS Help says: --->> ---> --->> --->To verify that the domain controller can be contacted through Domain --->> Name --->> --->System (DNS), try to access \\mydomain.com\sysvol\mydomain.com, where --->> --->mydomain.com is the fully qualified DNS name of your domain. --->> ---> --->> --->This test also failed. --->> --->________________ --->> ---> --->> --->I tried to connect to this server from a couple of client computers. --->> One --->> --->client is ok. --->> ---> --->> --->The other client got the following: --->> ---> --->> --->The Mapped network drive could not be created because the following --->> error --->> --->has occurred: The specified network name is no longer available. --->> ---> --->> --->When I tried to connect to it via UNC, it also errored out: --->> --->There are currently no logon servers available to service the logon --->> request. --->> ---> --->> --->Sorry for the long post. --->> --->Thanks for your help. --->> --->TL --->> ---> --->> ---> --->> ---> --->> ---> --->> ---> ---> --->
Recommended Posts