+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 21
Wireless Networks Thread, Netlogon error in Technical; I keep geting an error that has been confusing me for quite a while now. It seems that when my ...
  1. #1
    dezt's Avatar
    Join Date
    Dec 2005
    Location
    Lancs
    Posts
    1,026
    Thank Post
    157
    Thanked 58 Times in 46 Posts
    Rep Power
    29

    Netlogon error

    I keep geting an error that has been confusing me for quite a while now. It seems that when my curric server talks to the admin server it throws up a netlogon error in the event log.

    Here's what it says.


    Code:
    This computer was not able to set up a secure session with a domain controller in domain admin11101 due to the following:
    There are currently no logon servers available to service the logon request.
    This may lead to authentication problems.  Make sure that this computer is connected to the network.  If the problem persists, please contact your domain administrator.
    
    ADDITTIONAL INFORMATION
    If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain.  Otherwise, this computer sets up the secure session th any domain controller in the specified domain.
    
    For more information, see help and support center at Http://go.microsoft.com/fwlink/events.asp.

    I've tried looking at microsofts knowledge base but couldn't come up with any possible answers.

    For reference, my curric server is 2003 standard, and my admin server is 2000 advanced server. Don't know if that has any bearing on this or not.

  2. #2

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Netlogon error

    broken trust?

  3. #3
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,999
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106

    Re: Netlogon error

    It looks like either a DNS issue or a trust issue.

  4. #4

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Netlogon error

    Yeah, DNS would of been my second stab in the dark.

  5. #5
    dezt's Avatar
    Join Date
    Dec 2005
    Location
    Lancs
    Posts
    1,026
    Thank Post
    157
    Thanked 58 Times in 46 Posts
    Rep Power
    29

    Re: Netlogon error

    How would I go about checking the trust?

    When you say DNS should the admin server have a record in the curric DNS?

  6. #6
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,999
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106

    Re: Netlogon error

    I think they need more than a record in your case and that they should actually be replicating with each other. Not sure though without looking it up so of to google you go! On the trust side have you looked in the trusts console to see whats what? Failing that netdom is describing as the swiss army knife of trusts so check that out for testing stuff.

  7. #7

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Netlogon error

    To check the trust:

    Code:
    netdom trust /d:Curric ADMIN /verify /twoway
    This has to be done from the Curric domain and the case sensitivity is important!

    How do you have DNS setup on the two domains? They need to be able to:

    1. communicate if on separate LANs with some type of routing
    2. communicate by name

    If those two conditions are not met, you will get various interesting errors.

  8. #8
    dezt's Avatar
    Join Date
    Dec 2005
    Location
    Lancs
    Posts
    1,026
    Thank Post
    157
    Thanked 58 Times in 46 Posts
    Rep Power
    29

    Re: Netlogon error

    Geoff, I've looked at the DNS on my curric server, there is no record of the admin server in it.
    My Admin server has the curric server listed as a name server but nothing else.

    tried running netdom like this

    Code:
    netdom trust /d:norden2000 ADMIN11101 /verify /twoway
    But the result was the comand could not complete succesfuly.

    The way our network is setup is wierd, the admin domain is on the standard cleo ip range. 10.120.x.x but the curric domain is on a completely different ip range for some reason, 99.0.x.x don't know why and i've been here for a year, but the mess the network was in when I started was unbelievable.

    There are 2 nic's in each DC, one connects to the external network using 10.x.x.x on each, the other conects to the curric domain using 99.0.x.x

    It's a crazy setup and I don't know why we don't use the 10.x.x.x ip range, even the other technician doesn't know, and she's been here for about 5 or 6 years.

  9. #9

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224

    Re: Netlogon error

    It's done like that for security. Its fairly meaningless though and I recommend you ignore it as a technique. I'd put your admin server on the same ip range. It saves a lot of hassle.

    Once thats done. Make sure the server's can ping each other.

    Then you need to sync up the DNS. You need to setup each DNS domain in a master/slave fashion. So for the admin dns domain the admin server is the master and the curric server is the slave. The reverse being true for the curric DNS domain.

    Once that's synced up everything will just start working. Verify with the netdom tool.

  10. #10
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,446
    Thank Post
    10
    Thanked 491 Times in 431 Posts
    Rep Power
    111

    Re: Netlogon error

    Quote Originally Posted by dezt
    Geoff, I've looked at the DNS on my curric server, there is no record of the admin server in it.
    My Admin server has the curric server listed as a name server but nothing else.

    tried running netdom like this

    Code:
    netdom trust /d:norden2000 ADMIN11101 /verify /twoway
    But the result was the comand could not complete succesfuly.

    The way our network is setup is wierd, the admin domain is on the standard cleo ip range. 10.120.x.x but the curric domain is on a completely different ip range for some reason, 99.0.x.x don't know why and i've been here for a year, but the mess the network was in when I started was unbelievable.

    There are 2 nic's in each DC, one connects to the external network using 10.x.x.x on each, the other conects to the curric domain using 99.0.x.x

    It's a crazy setup and I don't know why we don't use the 10.x.x.x ip range, even the other technician doesn't know, and she's been here for about 5 or 6 years.
    Server location records are probably not accessible.

    If Domain A Wants to Trust Domain B then domain A needs to be able to read the server location records for domain B as far as I understand it. For a two way trust, domain B would also need to know the location records for domain A.

    Have you tried adding each others dns server as a forwarder for the specific domain name in dns?

    You might also be able to add the other domains dns server as a secondary on the ad contollers setting up the trust

  11. #11
    dezt's Avatar
    Join Date
    Dec 2005
    Location
    Lancs
    Posts
    1,026
    Thank Post
    157
    Thanked 58 Times in 46 Posts
    Rep Power
    29

    Re: Netlogon error

    My servers can ping each other, I just need to setup the dns as master/slave fashion. I've made sure that the admin server is setup as a name server for the curric dns as well as the curric server. and vice versa.

    Is that right so far?

  12. #12
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,446
    Thank Post
    10
    Thanked 491 Times in 431 Posts
    Rep Power
    111

    Re: Netlogon error

    Check http://support.microsoft.com/?kbid=241515

    You need to be able see the srv record for each domain. If you have setup forwarders for each of the other domains then you should be able to query both domains dns server and get the srv records from each (as in it will fetch the result itself and return it).

    Code:
    Domain A test1.school                      Domain B test2.school
    DNS for test1.school                       DNS test2.school 
     Forwarder for test2.school domain          Forwarder for test1.school domain
    You have a client in test1.school. It requests the srv records for test2.school. It sends this request to the test1.school dns server. test1.school dns server sees it is a test2.school domain and uses the forwarder you have setup - the fowarder being the test2.school dns server. test2.school sends the srv record to test1.school dns server. test1.school sends this information back to the test1.school client. and vice-versa.

  13. #13
    dezt's Avatar
    Join Date
    Dec 2005
    Location
    Lancs
    Posts
    1,026
    Thank Post
    157
    Thanked 58 Times in 46 Posts
    Rep Power
    29

    Re: Netlogon error

    Ok, I think I have a major problem here, I looked at the MS article and followed the instructions for nslookup. The result it should have given me was different to the result it gave me.

    Should be hostname.domainname internet=ip address.

    I got

    Code:
    Server     :UnKnown
    IP address :99.0.0.1
    
    DNS request timed out
        timeout was 2 seconds
    *** request to UnKnown timed-out
    I'm getting a bit worried now

  14. #14
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,999
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106

    Re: Netlogon error

    It should be like this yes....

    Z:\>nslookup
    Default Server: fmdc1.fishermore.lancs.sch.uk
    Address: 192.168.0.3
    What are the event logs in DNS saying?

    Can you resolve host names through ping?
    Run netdiag and dcdiag they can be very usefull.

  15. #15
    dezt's Avatar
    Join Date
    Dec 2005
    Location
    Lancs
    Posts
    1,026
    Thank Post
    157
    Thanked 58 Times in 46 Posts
    Rep Power
    29

    Re: Netlogon error

    Here's the 2 errors I keep getting in my DNS event log

    Code:
    The DNS server encountered a packet addressed to itself on IP address 99.0.0.1. The packet is for the DNS name "124.0.0.99.in-addr.arpa.". The packet will be discarded. This condition usually indicates a configuration error. 
     
    Check the following areas for possible self-send configuration errors: 
      1) Forwarders list. (DNS servers should not forward to themselves). 
      2) Master lists of secondary zones. 
      3) Notify lists of primary zones. 
      4) Delegations of subzones.  Must not contain NS record for this DNS server unless subzone is also on this server. 
      5) Root hints. 
     
    Example of self-delegation: 
      -> This DNS server dns1.example.microsoft.com is the primary for the zone example.microsoft.com. 
      -> The example.microsoft.com zone contains a delegation of bar.example.microsoft.com to dns1.example.microsoft.com, 
      (bar.example.microsoft.com NS dns1.example.microsoft.com) 
      -> BUT the bar.example.microsoft.com zone is NOT on this server. 
     
    Note, you should make this delegation check (with nslookup or DNS manager) both on this DNS server and on the server(s) you delegated the subzone to. It is possible that the delegation was done correctly, but that the primary DNS for the subzone, has any incorrect NS record pointing back at this server. If this incorrect NS record is cached at this server, then the self-send could result.  If found, the subzone DNS server admin should remove the offending NS record. 
     
    You can use the DNS server debug logging facility to track down the cause of this problem.
    and


    Code:
    The DNS server has encountered numerous run-time events. To determine the initial cause of these run-time events, examine the DNS server event log entries that precede this event. To prevent the DNS server from filling the event log too quickly, subsequent events with Event IDs higher than 3000 will be suppressed until events are no longer being generated at a high rate.
    hope these are of use to you.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. NETLOGON folder opens when admin logs on
    By FN-GM in forum Windows
    Replies: 28
    Last Post: 13th March 2008, 10:35 AM
  2. sporadic netlogon service problems
    By browolf in forum Windows
    Replies: 7
    Last Post: 29th February 2008, 04:54 PM
  3. WTF does this error mean
    By Gatt in forum Windows
    Replies: 5
    Last Post: 10th July 2007, 04:40 PM
  4. 403 error
    By pickman in forum ICT KS3 SATS Tests
    Replies: 2
    Last Post: 13th February 2007, 03:08 PM
  5. Missing Netlogon Service
    By BKGarry in forum Windows
    Replies: 0
    Last Post: 30th June 2006, 09:42 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •