I have a 2008 server that seems to have stopped being able to connect to the DC on site. It can ping the DC using either the FQDN or the IP, even after I clear the DNS cache so a DNS issue is out. It has several logs showing errors stating that the DC was not operational or unreachable or could not authenticate etc. I checked both the primary and secondary DC from other servers and they are fine. It is a live server and the last thing I want to do is have down time due to a server restart. The DC's have no security logs showing rejections or failures etc from the server. Its like the local LDAP service on the server itself are not working right. Anyone have any suggestions on where to begin to troubleshoot this?

Hi, Please enable netlogon debug logging on the client side and upload it. http://thebackroomtech.com/2007/09/19/howto-enable-windows-debug-logging-to-solve-authentication-problems/ Thank you.Regards, Liran.

Hello, when did you reboot the server last time and do you use latest SP2 and all updates? The debug logging for netlogon may give deeper information.Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

Thanks for that tip. I enabled logging and it seems as if the DNS servers are not recognizing the server as a member of the domain. A section of the loggining is below also containing a logon attempt. Its a Win Server 2008 SP2 (not R2) running OCS 2007. We have not wanted to bring the box down as it is live running the OCS for all clients. Is there a way to restart all authentication services without restarting the box? 02/01 09:31:42 [SESSION] contoso: NlStartApiClientSession: Unbind from server \\XXXMSDC05.contoso.local (TCP) 0. 02/01 09:31:42 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0 02/01 09:31:42 [MISC] LoadBalanceDebug (Flags: FORCE IP KDC DNS RET_DNS ): DC=XXXMSDC05, SrvCount=2, FailedAQueryCount=0, DcsPinged=1, LoopIndex=0 02/01 09:31:42 [MISC] DsGetDcName function returns 0: Dom:contoso.LOCAL Acct:(null) Flags: FORCE IP KDC 02/01 09:31:42 [CRITICAL] NlPrintRpcDebug: Dumping extended error for I_NetServerReqChallenge with 0xc0020017 02/01 09:31:42 [CRITICAL] [0] ProcessID is 676 02/01 09:31:42 [CRITICAL] [0] System Time is: 2/1/2012 9:31:42:992 02/01 09:31:42 [CRITICAL] [0] Generating component is 2 02/01 09:31:42 [CRITICAL] [0] Status is 1722 02/01 09:31:42 [CRITICAL] [0] Detection location is 193 02/01 09:31:42 [CRITICAL] [0] Flags is 0 02/01 09:31:42 [CRITICAL] [0] NumberOfParameters is 0 02/01 09:31:42 [CRITICAL] [1] ProcessID is 676 02/01 09:31:42 [CRITICAL] [1] System Time is: 2/1/2012 9:31:42:992 02/01 09:31:42 [CRITICAL] [1] Generating component is 5 02/01 09:31:42 [CRITICAL] [1] Status is 1 02/01 09:31:42 [CRITICAL] [1] Detection location is 190 02/01 09:31:42 [CRITICAL] [1] Flags is 0 02/01 09:31:42 [CRITICAL] [1] NumberOfParameters is 2 02/01 09:31:42 [CRITICAL] Long val: 1441792 02/01 09:31:42 [CRITICAL] Unicode string: \\XXXMSDC05.contoso.local\PIPE\NETLOGON 02/01 09:31:42 [CRITICAL] contoso: NlSessionSetup: Session setup: cannot I_NetServerReqChallenge 0xc0020017 02/01 09:31:42 [MISC] Eventlog: 5719 (1) "contoso" 0xc0020017 fac65237 22b87d52 ebe0ce35 25290d4e 7R..R}."5...N.)% 02/01 09:31:42 [SESSION] contoso: NlSetStatusClientSession: Set connection status to c000005e 02/01 09:31:42 [SESSION] contoso: NlSetStatusClientSession: Unbind from server \\XXXMSDC05.contoso.local (PIPE) 0. 02/01 09:31:42 [SESSION] contoso: NlSessionSetup: Session setup Failed 02/01 09:31:42 [LOGON] SamLogon: Interactive logon of contoso\domainadm from XXXMSOCSFE00 Returns 0xC000005E 02/01 09:31:44 [MISC] DsGetDcName function called: Dom:contoso.local Acct:(null) Flags: DS DNS RET_DNS 02/01 09:31:44 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1 02/01 09:31:44 [MISC] NetpDcGetName: contoso.local using cached information 02/01 09:31:44 [MISC] DsGetDcName function returns 0: Dom:contoso.local Acct:(null) Flags: DS DNS RET_DNS 02/01 09:32:05 [MISC] DsGetDcName function called: Dom:contoso.LOCAL Acct:(null) Flags: IP KDC 02/01 09:32:05 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1 02/01 09:32:05 [MISC] NetpDcGetName: contoso.LOCAL using cached information 02/01 09:32:05 [MISC] DsGetDcName function returns 0: Dom:contoso.LOCAL Acct:(null) Flags: IP KDC 02/01 09:32:05 [MISC] DsGetDcName function called: Dom:contoso.LOCAL Acct:(null) Flags: FORCE IP KDC 02/01 09:32:05 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1 02/01 09:32:05 [MAILSLOT] NetpDcPingListIp: contoso.LOCAL: Sent UDP ping to 10.20.3.2 02/01 09:32:05 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0 02/01 09:32:05 [MISC] LoadBalanceDebug (Flags: FORCE IP KDC DNS RET_DNS ): DC=XXXMSDC05, SrvCount=2, FailedAQueryCount=0, DcsPinged=1, LoopIndex=0 02/01 09:32:05 [MISC] DsGetDcName function returns 0: Dom:contoso.LOCAL Acct:(null) Flags: FORCE IP KDC 02/01 09:32:05 [MISC] DsGetDcName function called: Dom:contoso.LOCAL Acct:(null) Flags: FORCE IP KDC 02/01 09:32:05 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1 02/01 09:32:05 [MAILSLOT] NetpDcPingListIp: contoso.LOCAL: Sent UDP ping to 10.20.3.2 02/01 09:32:05 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0 02/01 09:32:05 [MISC] LoadBalanceDebug (Flags: FORCE IP KDC DNS RET_DNS ): DC=XXXMSDC05, SrvCount=2, FailedAQueryCount=0, DcsPinged=1, LoopIndex=0 02/01 09:32:05 [MISC] DsGetDcName function returns 0: Dom:contoso.LOCAL Acct:(null) Flags: FORCE IP KDC 02/01 09:32:08 [MISC] DsGetDcName function called: Dom:contoso.local Acct:(null) Flags: IP KDC 02/01 09:32:08 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1 02/01 09:32:08 [MISC] NetpDcGetName: contoso.local using cached information 02/01 09:32:08 [MISC] DsGetDcName function returns 0: Dom:contoso.local Acct:(null) Flags: IP KDC 02/01 09:32:08 [MISC] DsGetDcName function called: Dom:contoso.local Acct:(null) Flags: FORCE IP KDC 02/01 09:32:08 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1 02/01 09:32:08 [MAILSLOT] NetpDcPingListIp: contoso.local: Sent UDP ping to 10.20.3.40 02/01 09:32:08 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0 02/01 09:32:08 [MISC] LoadBalanceDebug (Flags: FORCE IP KDC DNS RET_DNS ): DC=XXXMSDC00, SrvCount=2, FailedAQueryCount=0, DcsPinged=1, LoopIndex=0 02/01 09:32:08 [MISC] DsGetDcName function returns 0: Dom:contoso.local Acct:(null) Flags: FORCE IP KDC 02/01 09:32:08 [MISC] DsGetDcName function called: Dom:contoso.local Acct:(null) Flags: FORCE IP KDC 02/01 09:32:08 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1 02/01 09:32:08 [MAILSLOT] NetpDcPingListIp: contoso.local: Sent UDP ping to 10.20.3.40 02/01 09:32:08 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0 02/01 09:32:08 [MISC] LoadBalanceDebug (Flags: FORCE IP KDC DNS RET_DNS ): DC=XXXMSDC00, SrvCount=2, FailedAQueryCount=0, DcsPinged=1, LoopIndex=0 02/01 09:32:08 [MISC] DsGetDcName function returns 0: Dom:contoso.local Acct:(null) Flags: FORCE IP KDC 02/01 09:32:08 [LOGON] SamLogon: Interactive logon of contoso.local\domainadm from XXXMSOCSFE00 Entered 02/01 09:32:08 [LOGON] SamLogon: Interactive logon of contoso.local\domainadm from XXXMSOCSFE00 Returns 0xC000005E 02/01 09:32:15 [MISC] DsGetDcName function called: Dom:contoso.LOCAL Acct:(null) Flags: IP KDC 02/01 09:32:15 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1 02/01 09:32:15 [MISC] NetpDcGetName: contoso.LOCAL using cached information 02/01 09:32:15 [MISC] DsGetDcName function returns 0: Dom:contoso.LOCAL Acct:(null) Flags: IP KDC 02/01 09:32:15 [MISC] DsGetDcName function called: Dom:contoso.LOCAL Acct:(null) Flags: FORCE IP KDC 02/01 09:32:15 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1 02/01 09:32:15 [MAILSLOT] NetpDcPingListIp: contoso.LOCAL: Sent UDP ping to 10.20.3.40 02/01 09:32:15 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0 02/01 09:32:15 [MISC] LoadBalanceDebug (Flags: FORCE IP KDC DNS RET_DNS ): DC=XXXMSDC00, SrvCount=2, FailedAQueryCount=0, DcsPinged=1, LoopIndex=0 02/01 09:32:15 [MISC] DsGetDcName function returns 0: Dom:contoso.LOCAL Acct:(null) Flags: FORCE IP KDC 02/01 09:32:15 [MISC] DsGetDcName function called: Dom:contoso.LOCAL Acct:(null) Flags: FORCE IP KDC 02/01 09:32:15 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1 02/01 09:32:15 [MAILSLOT] NetpDcPingListIp: contoso.LOCAL: Sent UDP ping to 10.20.3.40 02/01 09:32:15 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0 02/01 09:32:15 [MISC] LoadBalanceDebug (Flags: FORCE IP KDC DNS RET_DNS ): DC=XXXMSDC00, SrvCount=2, FailedAQueryCount=0, DcsPinged=1, LoopIndex=0 02/01 09:32:15 [MISC] DsGetDcName function returns 0: Dom:contoso.LOCAL Acct:(null) Flags: FORCE IP KDC 02/01 09:32:31 [SITE] DsrGetSiteName: Returning site name 'contoso' from local cache. 02/01 09:32:31 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DSP 02/01 09:32:31 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1 02/01 09:32:31 [MISC] NetpDcGetName: contoso.local. using cached information 02/01 09:32:31 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DSP 02/01 09:32:31 [MISC] DsGetDcName function called: Dom:XXXMSOCSFE00 Acct:(null) Flags: NETBIOS RET_DNS 02/01 09:32:31 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1 02/01 09:32:31 [MAILSLOT] Sent 'Sam Logon' message to XXXMSOCSFE00[1C] on all transports. 02/01 09:32:34 [CRITICAL] NetpDcGetNameNetbios: XXXMSOCSFE00: Cannot NlBrowserSendDatagram. (1C) 53 02/01 09:32:34 [MISC] NetpDcGetName: NetpDcGetNameNetbios returned 1355 02/01 09:32:34 [CRITICAL] NetpDcGetName: XXXMSOCSFE00: IP and Netbios are both done. 02/01 09:32:34 [MISC] DsGetDcName function returns 1355: Dom:XXXMSOCSFE00 Acct:(null) Flags: NETBIOS RET_DNS

Essentially we don't want to reboot the server unless we have no other choice. Yes we have SP2 and all latest updates applied.