Windows 2008 R2 - DNS Problem
Hi,
I need help with a DNS issue in Windows 2008 R2
GReport: "Group Policy Infrastructure failed due to the error listed below."
The Event Viewer shows the following errors:
Source: GroupPolicy
EventID: 1053
Level: Error
Info: The processing of Group Policy failed. Windows could not resolve the user name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
Source: LSA (LsaSrv)
EventID: 40960
Level: Warning
Info: The description for Event ID 40960 from source LsaSrv cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
DNS/nxssrvdc001.nexussa.cl
Kerberos
"There are currently no logon servers available to service the logon request.
(0xc000005e)"
the message resource is present but the message is not found in the string/message table
Source: NETLOGON
EventID: 5719
Level: Error
Info: This computer was not able to set up a secure session with a domain controller in domain NEXUS_NT_1 due to the following:
There are currently no logon servers available to service the logon request.
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified
domain.
Source: DnsApi
EventID: 111666
Level: Warning
Info: The system failed to register host (A or AAAA) resource records (RRs) for network adapter
with settings:
Adapter Name : {5A74E56A-09B2-470B-9E42-44391E20437B}
Host Name : NXSSRVIISCSD02
Primary Domain Suffix : nexussa.cl
DNS server list :
200.10.XXX.XXX, 200.10.XXX.XXX
Sent update to server : 200.10.XXX.XXX:53
IP Address(es) :
2002:c80a:860::c80a:860, 2002:c8c8:c8c2::c8c8:c8c2
The reason the system could not register these RRs was because of a security related problem. The cause of this could be (a) your computer does not have permissions to register and update the specific DNS domain name set for this adapter, or (b) there
might have been a problem negotiating valid credentials with the DNS server during the processing of the update request.
You can manually retry DNS registration of the network adapter and its settings by typing "ipconfig /registerdns" at the command prompt. If problems still persist, contact your DNS server or network systems administrator. See event details for specific
error code information.
Please help for resolved this issue.
Thanks
July 17th, 2012 10:49am
Please refer following articles, might help you..
EventID: 40960-40961
http://social.technet.microsoft.com/Forums/en/winserverDS/thread/005f219d-1da0-48ad-8f5f-bc80d92cde92
Event ID 5719 is logged when you start a computer
http://support.microsoft.com/kb/938449
Active Directory: Event ID 5719 Source Netlogon (dsforum2wiki)
http://social.technet.microsoft.com/wiki/contents/articles/2466.active-directory-event-id-5719-source-netlogon-dsforum2wiki.aspx
Event ID 11166 DNS Client Registration
http://technet.microsoft.com/en-us/library/cc735785(v=ws.10)
Event ID 1053 Group Policy Preprocessing (Security)
http://technet.microsoft.com/en-us/library/cc727337(v=ws.10).aspx
I do not represent the organisation I work for, all the opinions expressed here are my own.
This posting is provided "AS IS" with no warranties or guarantees and confers no rights.
- .... .- -. -.- ... --..-- ... .- -. - --- ... ....
Free Windows Admin Tool Kit Click here and download it now
July 17th, 2012 10:55am
As there are multiple errors, I would suggest you to fix each one of them one by one to narrow down to the root cause.
There is no such thumb rule to say that, the suggestion works for sure i.e. 100% guaranteed ! A solution which might work for me, might not work for others due to several other environmental or application constraints.
If the server in question is critical host for you, then I would suggest you to create a support request with Microsoft and you would be assured a definite solution.
I do not represent the organisation I work for, all the opinions expressed here are my own.
This posting is provided "AS IS" with no warranties or guarantees and confers no rights.
- .... .- -. -.- ... --..-- ... .- -. - --- ... ....
July 17th, 2012 11:46am
GPUPDATE /Force results:
Updating Policy...
User Policy update has completed successfully.
Computer policy could not be updated successfully. The following errors were enc
ountered:
The processing of Group Policy failed. Windows attempted to retrieve new Group P
olicy settings for this user or computer. Look in the details tab for error code
and description. Windows will automatically retry this operation at the next re
fresh cycle. Computers joined to the domain must have proper name resolution and
network connectivity to a domain controller for discovery of new Group Policy o
bjects and settings. An event will be logged when Group Policy is successful.
To diagnose the failure, review the event log or run GPRESULT /H GPReport.html f
rom the command line to access information about Group Policy results.
The Event Viewer shows the following errors:
Source: GroupPolicy
EventID: 1053 /// Error Code: 1355
Level: Error
Info: The processing of Group Policy failed. Windows could not resolve the user name. This could be caused by one of more
of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current
domain controller).
Source: LSA (LsaSrv)
EventID: 40960
Level: Warning
Info: The description for Event ID 40960 from source LsaSrv cannot be found. Either the component that raises this event
is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
DNS/nxssrvdc001.nexussa.cl
Kerberos
"There are currently no logon servers available to service the logon request.
(0xc000005e)"
the message resource is present but the message is not found in the string/message table
Source: NETLOGON
EventID: 5719
Level: Error
Info: This computer was not able to set up a secure session with a domain controller in domain NEXUS_NT_1 due to the following:
There are currently no logon servers available to service the logon request.
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller
emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
Source: DnsApi
EventID: 111666
Level: Warning
Info: The system failed to register host (A or AAAA) resource records (RRs) for network adapter
with settings:
Adapter Name : {5A74E56A-09B2-470B-9E42-44391E20437B}
Host Name : NXSSRVIISCSD02
Primary Domain Suffix : nexussa.cl
DNS server list :
200.10.XXX.XXX, 200.10.XXX.XXX
Sent update to server : 200.10.XXX.XXX:53
IP Address(es) :
2002:c80a:860::c80a:860, 2002:c8c8:c8c2::c8c8:c8c2
The reason the system could not register these RRs was because of a security related problem. The cause of this could
be (a) your computer does not have permissions to register and update the specific DNS domain name set for this adapter, or (b) there might have been a problem negotiating valid credentials with the DNS server during the processing of the update request.
You can manually retry DNS registration of the network adapter and its settings by typing "ipconfig /registerdns"
at the command prompt. If problems still persist, contact your DNS server or network systems administrator. See event details for specific error code information.
Please help for resolved this issue.
Thanks
Free Windows Admin Tool Kit Click here and download it now
July 17th, 2012 1:24pm
Hi,
Its a DNS name resolution issue. Make sure that client is configured to point the correct DNS server and the domain controller can be contacted using its FQDN.
Please post the unedited ipconfig /all from both the machines to proceed further.
Regards,
Rafic
If you found this post helpful, please give it a "Helpful" vote.
If it answered your question, remember to mark it as an "Answer".
This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!
July 17th, 2012 1:33pm
Cross post !
Windows 2008 R2 - DNS Problem
http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/39f94ca0-f163-41e6-a157-be7b6afe8f04
In your earlier thread, you have mentioned following
The problem came when they added a new card in server.
The nic princial "Team 01" is 2.0 Gbps
Additionally there is another nic: "xxx" which is 100 Mbps
When I add the new card, began to appear the error messages. The affected server
is in production and the impact should be minimal, so I must be 100% which is the solution to make.
It appears that, the server in question is a DC and you have multihomed it. Multihoming DCs are not recommended. Why ? here is an excerpt from this
thread
Technically speaking, multihomed
domain controller is supported. However its not recommended as numerous issues can occur in such an environment, such as name resolving (DNS,
WINS). Though some general configuration change can be performed to avoid the issues that result from the multihomed
domain controller, considering the different network environments (default gateway, route table and reason for multihome) and different application usage, you may need to perform some additional operation and troubleshooting to make it work. If it is possible,
we strongly suggest that you do not configure domain controller as multihomed.
Here I listed the following known issues of multihomed
domain controller for your reference:
- Browsing
Service is much affected by multihomed computers. Because the browser service does not merge networks. Each browser service bound to each interface operates independently, and the DC maintains a "separate" cumulative list on each interface that are not merged.
Symptoms of multihomed browsers
http://support.microsoft.com/default.aspx?scid=kb;EN-US;191611
Troubleshooting browser Event ID 8021 and 8032 on master browsers
http://support.microsoft.com/kb/135404
- Influence
on the name resolve.
Active Directory communication fails on multihomed domain controllers
http://support.microsoft.com/kb/272294
Name resolution and connectivity issues occur on Windows 2000 domain controllers that have the Routing and Remote Access service and DNS installed
http://support.microsoft.com/kb/830063
Delay in NetBIOS connections from a multi-homed computer
http://support.microsoft.com/kb/166159
I do not represent the organisation I work for, all the opinions expressed here are my own.
This posting is provided "AS IS" with no warranties or guarantees and confers no rights.
- .... .- -. -.- ... --..-- ... .- -. - --- ... ....
Free Windows Admin Tool Kit Click here and download it now
July 17th, 2012 2:47pm
Cross post !
Windows 2008 R2 - DNS Problem
http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/39f94ca0-f163-41e6-a157-be7b6afe8f04
In your earlier thread, you have mentioned following
The problem came when they added a new card in server.
The nic princial "Team 01" is 2.0 Gbps
Additionally there is another nic: "xxx" which is 100 Mbps
When I add the new card, began to appear the error messages. The affected server
is in production and the impact should be minimal, so I must be 100% which is the solution to make.
It appears that, the server in question is a DC and you have multihomed it. Multihoming DCs are not recommended. Why ? here is an excerpt from this
thread
Technically speaking, multihomed
domain controller is supported. However its not recommended as numerous issues can occur in such an environment, such as name resolving (DNS,
WINS). Though some general configuration change can be performed to avoid the issues that result from the multihomed
domain controller, considering the different network environments (default gateway, route table and reason for multihome) and different application usage, you may need to perform some additional operation and troubleshooting to make it work. If it is possible,
we strongly suggest that you do not configure domain controller as multihomed.
Here I listed the following known issues of multihomed
domain controller for your reference:
- Browsing
Service is much affected by multihomed computers. Because the browser service does not merge networks. Each browser service bound to each interface operates independently, and the DC maintains a "separate" cumulative list on each interface that are not merged.
Symptoms of multihomed browsers
http://support.microsoft.com/default.aspx?scid=kb;EN-US;191611
Troubleshooting browser Event ID 8021 and 8032 on master browsers
http://support.microsoft.com/kb/135404
- Influence
on the name resolve.
Active Directory communication fails on multihomed domain controllers
http://support.microsoft.com/kb/272294
Name resolution and connectivity issues occur on Windows 2000 domain controllers that have the Routing and Remote Access service and DNS installed
http://support.microsoft.com/kb/830063
Delay in NetBIOS connections from a multi-homed computer
http://support.microsoft.com/kb/166159
I do not represent the organisation I work for, all the opinions expressed here are my own.
This posting is provided "AS IS" with no warranties or guarantees and confers no rights.
- .... .- -. -.- ... --..-- ... .- -. - --- ... ....
yeah, is the same post.
But the server it is not a DC and the errors in the event viewer began the add new card ethernet.
The server is a IIS aplication and the second card it used for external clients
so the second card is not configured DNS
Thanks for you help!!
July 17th, 2012 3:06pm
Cross post !
Windows 2008 R2 - DNS Problem
http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/39f94ca0-f163-41e6-a157-be7b6afe8f04
In your earlier thread, you have mentioned following
The problem came when they added a new card in server.
The nic princial "Team 01" is 2.0 Gbps
Additionally there is another nic: "xxx" which is 100 Mbps
When I add the new card, began to appear the error messages. The affected server
is in production and the impact should be minimal, so I must be 100% which is the solution to make.
It appears that, the server in question is a DC and you have multihomed it. Multihoming DCs are not recommended. Why ? here is an excerpt from this
thread
Technically speaking, multihomed
domain controller is supported. However its not recommended as numerous issues can occur in such an environment, such as name resolving (DNS,
WINS). Though some general configuration change can be performed to avoid the issues that result from the multihomed
domain controller, considering the different network environments (default gateway, route table and reason for multihome) and different application usage, you may need to perform some additional operation and troubleshooting to make it work. If it is possible,
we strongly suggest that you do not configure domain controller as multihomed.
Here I listed the following known issues of multihomed
domain controller for your reference:
- Browsing
Service is much affected by multihomed computers. Because the browser service does not merge networks. Each browser service bound to each interface operates independently, and the DC maintains a "separate" cumulative list on each interface that are not merged.
Symptoms of multihomed browsers
http://support.microsoft.com/default.aspx?scid=kb;EN-US;191611
Troubleshooting browser Event ID 8021 and 8032 on master browsers
http://support.microsoft.com/kb/135404
- Influence
on the name resolve.
Active Directory communication fails on multihomed domain controllers
http://support.microsoft.com/kb/272294
Name resolution and connectivity issues occur on Windows 2000 domain controllers that have the Routing and Remote Access service and DNS installed
http://support.microsoft.com/kb/830063
Delay in NetBIOS connections from a multi-homed computer
http://support.microsoft.com/kb/166159
I do not represent the organisation I work for, all the opinions expressed here are my own.
This posting is provided "AS IS" with no warranties or guarantees and confers no rights.
- .... .- -. -.- ... --..-- ... .- -. - --- ... ....
yeah, is the same post.
But the server it is not a DC and the errors in the event viewer began the add new card ethernet.
The server is a IIS aplication and the second card it used for external clients
so the second card is not configured DNS
Thanks for you help!!
Oops ! I overlooked server host name CSD02 and misread that as DC02. Really sorry for the confusion !I do not represent the organisation I work for, all the opinions expressed here are my own.
This posting is provided "AS IS" with no warranties or guarantees and confers no rights.
- .... .- -. -.- ... --..-- ... .- -. - --- ... ....
Free Windows Admin Tool Kit Click here and download it now
July 17th, 2012 3:20pm
What is the message you see when you run nslookup from cmd ?
Is power saving enabled on the NIC's?
Check for latest NIC driver as well.I do not represent the organisation I work for, all the opinions expressed here are my own.
This posting is provided "AS IS" with no warranties or guarantees and confers no rights.
- .... .- -. -.- ... --..-- ... .- -. - --- ... ....
July 17th, 2012 4:25pm
What is the message you see when you run nslookup from cmd ?
Is power saving enabled on the NIC's?
Check for latest NIC driver as well.I do not represent the organisation I work for, all the opinions expressed here are my own.
This posting is provided "AS IS" with no warranties or guarantees and confers no rights.
- .... .- -. -.- ... --..-- ... .- -. - --- ... ....
Free Windows Admin Tool Kit Click here and download it now
July 17th, 2012 4:25pm
Can you also post ipconfig /all from DCs ?Don't be a prick ! Be reasonable and provide your feedback. Say something whether the suggestion was helpful or not, mark a reply as answer or click on to vote helpful if any suggestion really helps you, don't leave that choice to moderators, let the credit
go to a contributor who has invested his precious time on your questions. Please be informed that, moderators are also humans and they also make mistakes ;-) Last but not the least, Unmark as answer if any post doesn't answer your question/s !!!
July 17th, 2012 4:56pm
Hi,
I would like to confirm what is the current situation? If there is anything that I can do for you, please do not hesitate to let me know, and I will be happy to help.
Regards,
Arthur Li
TechNet Subscriber Support
If you are
TechNet Subscription
user and have any feedback on our support quality, please send your feedback
here.Arthur Li
TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
July 23rd, 2012 11:49pm