Re: big trouble with Server - as KB933994
"Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
news:ff16fb66a408d8cab70642e3c33c@msnews.microsoft.com...
> Hello Trapulo,
>
> Please post the complete error message.
This is the error when I try to run gpupdate:
1053
Windows cannot determine the user or computer name. (There are no more
endpoints available from the endpoint mapper. ). Group Policy processing
aborted.
> Additional post an unedited ipconfig /all from both DC's.
This is from the old Win2K controller:
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : server01
Primary DNS Suffix . . . . . . . : mydomain.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mydomain.com
Ethernet adapter Intel 82544GC Based Network Connection - onboard:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel 82544GC-based XT Eval Gigabit
Adapter
Physical Address. . . . . . . . . : 00-06-5B-8F-99-78
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.18.20
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.18.6
DNS Servers . . . . . . . . . . . : 192.168.18.20
192.168.18.21
(18.21 is the other W2K domain controller, with same output)
This is from the new W2K3 controller that doesn't run:
Windows IP Configuration
Host Name . . . . . . . . . . . . : server08
Primary Dns Suffix . . . . . . . : mydomain.com
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mydomain.com
Ethernet adapter {2C970B77-5941-42EE-AC30-0BDD2475466F}:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Loopback Adapter
Physical Address. . . . . . . . . : 02-00-4C-4F-4F-50
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IP Address. . . : 169.254.25.129
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
Ethernet adapter {51D91C03-047A-4BFF-881A-88291CAA6518}:
Connection-specific DNS Suffix . : mydomain.com
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
Physical Address. . . . . . . . . : 00-10-18-33-9A-E4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.18.140
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.18.6
DHCP Server . . . . . . . . . . . : 192.168.18.20
DNS Servers . . . . . . . . . . . : 192.168.18.20
192.168.18.21
Lease Obtained. . . . . . . . . . : lunedì 21 luglio 2008 9.28.20
Lease Expires . . . . . . . . . . : martedì 29 luglio 2008 9.28.20
Ethernet adapter {EC441192-2E5D-44DB-B2C6-F3405F52D5E6}:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE
(NDIS VBD Client)
Physical Address. . . . . . . . . : 00-1E-4F-3D-A1-CB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IP Address. . . : 169.254.73.29
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
Ethernet adapter {C68EEF3A-3405-4197-997D-7ACA3409BE38}:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE
(NDIS VBD Client) #2
Physical Address. . . . . . . . . : 00-1E-4F-3D-A1-CD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IP Address. . . : 169.254.113.88
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
--------------------------------------------------------
> Did you run dcdiag,
Domain Controller Diagnosis
Performing initial setup:
[server08] Directory Binding Error 1753:
Win32 Error 1753
This may limit some of the tests that can be performed.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SERVER08
Starting test: Connectivity
The host 7dca8c5b-84c8-4def-ae51-f1bf57dc0005._msdcs.com.mydomain
could not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(7dca8c5b-84c8-4def-ae51-f1bf57dc0005._msdcs.com.mydomain) couldn't
be resolved, the server name (server08.mydomain.com) resolved to
the
IP address (192.168.18.140) and was pingable. Check that the IP
address is registered correctly with the DNS server.
......................... SERVER08 failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SERVER08
Skipping all tests, because server SERVER08 is
not responding to directory service requests
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : it
Starting test: CrossRefValidation
......................... it passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... it passed test CheckSDRefDom
Running enterprise tests on : mydomain.com
Starting test: Intersite
......................... mydomain.com passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 2138
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 2138
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 2138
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
2138
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 2138
A KDC could not be located - All the KDCs are down.
......................... mydomain.com failed test FsmoCheck
-----------------------------------------------------
>netdiag and
this is very long: I attach only the interesting part:
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Failed
List of NetBt transports currently configured:
[FATAL] Unable to retrieve transport list from Redir.
[NERR_WkstaNotStarted]
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Failed
[FATAL] NO GATEWAYS ARE REACHABLE.
You have no connectivity to other network segments.
If you configured the IP protocol manually then
you need to add at least one valid gateway.
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation
Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[WARNING] Cannot find a primary authoritative DNS server for the
name
'server08.mydomain.com.'. [ERROR_TIMEOUT]
The name 'server08.mydomain.com.' may not be registered in DNS.
[WARNING] Cannot find a primary authoritative DNS server for the
name
'server08.mydomain.com.'. [ERROR_TIMEOUT]
The name 'server08.mydomain.com.' may not be registered in DNS.
[WARNING] Cannot find a primary authoritative DNS server for the
name
'server08.mydomain.com.'. [ERROR_TIMEOUT]
The name 'server08mydomain.com.' may not be registered in DNS.
[WARNING] Cannot find a primary authoritative DNS server for the
name
'server08.mydomain.com.'. [ERROR_TIMEOUT]
The name 'server08.mydomain.com.' may not be registered in DNS.
[WARNING] The DNS entries for this DC cannot be verified right now on
DNS server 192.168.18.20, ERROR_TIMEOUT.
[WARNING] The DNS entries for this DC cannot be verified right now on
DNS server 192.168.18.21, ERROR_TIMEOUT.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Passed
[FATAL] Workstation service is not running. [FFFFFFFF]
DC discovery test. . . . . . . . . : Failed
[FATAL] Cannot find DC in domain 'MYDOMAIN'. [NERR_NetNotStarted]
DC list test . . . . . . . . . . . : Failed
'MYDOMAIN': Cannot find DC to get DC list from [test skipped].
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Skipped
'MYDOMAIN': Cannot find DC to get DC list from [test skipped].
LDAP test. . . . . . . . . . . . . : Failed
Cannot find DC to run LDAP tests on. The error occurred was: The
workstation driver is not installed.
[WARNING] Cannot find DC in domain MYDOMAIN. [NERR_NetNotStarted]
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Failed
[FATAL] Cannot initialize TAPI. Failed with error(0x80000048).
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
------------------------------------------------------
repadmin /showrepl from
> the support tools?
repadmin running command /showrepl against server localhost
Default-First-Site-Name\SERVER08
DC Options: IS_GC
Site Options: (none)
DC object GUID: 7dca8c5b-84c8-4def-ae51-f1bf57dc0005
DC invocationID: 4c4b35f2-9dc3-45e5-8694-a5c05734319a
DsBindWithCred to localhost failed with status 1753 (0x6d9):
Can't retrieve message string 1753 (0x6d9), error 1815.
---------------------------------------
reports seem right, if we think that all core services are down
thanks
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>> Hello,
>> I added a Windows 2003 Server to an existing 2000 domain, and made it
>> an
>> additional domain controller. All ok, I restarted, I made GC, all
>> worked
>> fine.
>> Then I restarted an other time... boom. Every crytical windows
>> services
>> don't start more. Only RPC works: others (COM+, network connections,
>> shell
>> hardware detection, etc) don't start.
>> It seems as KB933994 describes: the old group policy didn't assign
>> "impersonate a client after authentication" to Service and Network
>> accounts,
>> so I think that the replicated policy has blocked the 2003 system.
>> Now? I've tried to update policy on the W2003 server, but it doesn't
>> apply it. When I run a gpupdate, it reports that "there are no more
>> available endpoints" and it doesn't load changed policy.
>>
>> Any idea? Please help.
>>
>> thanks
>>
>
>