Vista Business Domain Trust Problem
Hi there, I have a user running Vista Business SP1 who is having a terribly slow time logging on - it takes about 15 minutes. I have looked under the Event log and found the following: Log Name: System Source: DnsApi Date: 26/06/2008 11:35:41 AM Event ID: 11166 Task Category: None Level: Warning Keywords: Classic User: N/A Computer: Computer-name.domain.local Description: The system failed to register host (A or AAAA) resource records (RRs) for network adapter with settings: Adapter Name : {82AA8FFB-5F77-4EA2-928E-18C4ABCA5113} Host Name : Computer-name Primary Domain Suffix : domain.local DNS server list : 192.168.1.131, 203.0.178.191 Sent update to server : 192.168.1.131:53 IP Address(es) : 192.168.1.113 The reason the system could not register these RRs was because of a security related problem. The cause of this could be (a) your computer does not have permissions to register and update the specific DNS domain name set for this adapter, or (b) there might have been a problem negotiating valid credentials with the DNS server during the processing of the update request. You can manually retry DNS registration of the network adapter and its settings by typing "ipconfig /registerdns" at the command prompt. If problems still persist, contact your DNS server or network systems administrator. For specific error code, see the record data displayed below. Log Name: System Source: Microsoft-Windows-GroupPolicy Date: 26/06/2008 11:36:03 AM Event ID: 1129 Task Category: None Level: Error Keywords: User: SYSTEM Computer: Computer-name.domain.local Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator. Log Name: System Source: NETLOGON Date: 26/06/2008 11:36:10 AM Event ID: 5719 Task Category: None Level: Error Keywords: Classic User: N/A Computer: Computer-name.domain.local Description: This computer was not able to set up a secure session with a domain controller in domain ourdomain due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain. Log Name: System Source: Microsoft-Windows-Time-Service Date: 26/06/2008 11:36:10 AM Event ID: 130 Task Category: None Level: Warning Keywords: Classic User: N/A Computer: Computer-name.domain.local Description: NtpClient was unable to set a domain peer to use as a time source because of failure in establishing a trust relationship between this computer and the ' ourdomain.local' domain in order to securely synchronize time. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: The trust relationship between this workstation and the primary domain failed. (0x800706FD) Log Name: System Source: NETLOGON Date: 26/06/2008 11:36:17 AM Event ID: 3210 Task Category: None Level: Error Keywords: Classic User: N/A Computer: Computer-name.domain.local Description: This computer could not authenticate with \\ourdnsserver.domain.local, a Windows domain controller for domain ourdomain, and therefore this computer might deny logon requests. This inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. If this message appears again, contact your system administrator. The first thing to do would be to leave the domain and rejoin but I really don't want to setup the profile again. Can anyone suggest any other options to get rid of these error messages and speed up logon times by re applying the domain trust?
June 26th, 2008 9:18am

Hi, I would like to confirm whether you can logon the Windows Vista machine with domain account after waiting 15 minutes. In addition, I suggest performing the resolution in the following KB and check the result: A client connected to an Ethernet switch may receive several logon-related error messages during startup http://support.microsoft.com/default.aspx?scid=kb;EN-US;202840 Hope it helps.
Free Windows Admin Tool Kit Click here and download it now
June 30th, 2008 12:14pm

I think you can also creat and link a GPO that cause logon to wait for network. this seems to be working for me.
June 17th, 2009 9:31pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics