Domain Controllers

  • Thread starter Thread starter RB
  • Start date Start date
R

RB

I have two Windows 2000 servers and both are DC s in one
domain. I have accidentally corrupted the group policy in
one of them (#2) and now #2 prevents users from accessing
applications in DC #2.

DC#1 gives the following erros:

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5722
Date: 9/9/2003
Time: 10:08:07 AM
User: N/A
Computer: QSPHARMA-SERV
Description:
The session setup from the computer QGMP1 failed to
authenticate. The name of the account referenced in the
security database is QGMP1$. The following error
occurred:
Access is denied.
Data:
0000: 22 00 00 c0 "..À

Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4004
Date: 9/4/2003
Time: 7:26:19 AM
User: N/A
Computer: QSPHARMA-SERV
Description:
The DNS server was unable to complete directory service
enumeration of zone qspharma.local. This DNS server is
configured to use information obtained from Active
Directory for this zone and is unable to load the zone
without it. Check that the Active Directory is
functioning properly and repeat enumeration of the zone.
The event data contains the error.
Data:
0000: 2a 23 00 00 *#..


DC#2 gives the following errors:

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1000
Date: 9/9/2003
Time: 10:20:41 AM
User: NT AUTHORITY\SYSTEM
Computer: QGMP1
Description:
Windows cannot determine the user or computer name.
Return value (1326).

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 3210
Date: 9/9/2003
Time: 9:26:34 AM
User: N/A
Computer: QGMP1
Description:
Failed to authenticate with \\qspharma-
serv.qspharma.local, a Windows NT or Windows 2000 domain
controller for domain QSPHARMA.
Data:
0000: 22 00 00 c0 "..À


Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4001
Date: 8/28/2003
Time: 10:03:41 AM
User: N/A
Computer: QGMP1
Description:
The DNS server was unable to open zone qspharma.local in
the Active Directory. This DNS Server is configured to
obtain and use information from the directory for this
zone and is unable to load the zone without it. Check
that the Active Directory is functioning properly and
reload the zone. The event data is the error code.


I appreciate your help in solving this issue.

Thanks.
RB
 
On QGMP1 stop and disable the KDC service.

Run the netdom /resetpwd command to reset your machine
account with the other DC.

Restart QGMP1 and set the KDC service to automatic and
start it.
See if you still receive the 3210 errors.
Steve
 
After running netdom / resetpwd, I still get the 3210
errors as well as the 1000 error

Event Logs on QGMP1 server

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1000
Date: 9/9/2003
Time: 3:02:35 PM
User: NT AUTHORITY\SYSTEM
Computer: QGMP1
Description:
Windows cannot determine the user or computer name.
Return value (1326).

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 3210
Date: 9/9/2003
Time: 3:09:58 PM
User: N/A
Computer: QGMP1
Description:
Failed to authenticate with \\qspharma-
serv.qspharma.local, a Windows NT or Windows 2000 domain
controller for domain QSPHARMA.
Data:
0000: 22 00 00 c0 "..À
 
Back
Top