W2K Server Error Event 1000 / Source Userenv

  • Thread starter Thread starter S. T. Wong
  • Start date Start date
S

S. T. Wong

Dear All,

Our company installed two W2K servers one for Exchange2K and other for the
CA Portal. The first DC server is the Exchange server and DNS server run in
Active Directory-integrated mode.

The CA Portal server has installed LDAP service and pointed to the itself
(there is problem for point the LDAP service to the Exchange server) for AD
user authorization. However, occasionally the Application event log will
logged the above error, and user can't login to the Portal server. We only
can restart the CA Portal server for resolve this problem.

The following are the Description of the error events:-

- Windows cannot connect to <domain name> with {0x2747).
- Windows cannot query for the list of Group Policy objects. A message
that describes the reason for this was previously logged by this policy
engine.
- Windows cannot determine the user or computer name. Return value
(1722).
- Windows cannot access the registry information at \\<domaine
name>\sysvol\<domain
name>\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\Machine\registry.pol
with (1351).

Do you have any idea to solve this problem?

Thanks.



S. T. Wong
 
In
S. T. Wong said:
Dear All,

Our company installed two W2K servers one for Exchange2K and other
for the CA Portal. The first DC server is the Exchange server and
DNS server run in Active Directory-integrated mode.

The CA Portal server has installed LDAP service and pointed to the
itself (there is problem for point the LDAP service to the Exchange
server) for AD user authorization. However, occasionally the
Application event log will logged the above error, and user can't
login to the Portal server. We only can restart the CA Portal server
for resolve this problem.

The following are the Description of the error events:-

- Windows cannot connect to <domain name> with {0x2747).
- Windows cannot query for the list of Group Policy objects. A
message that describes the reason for this was previously logged by
this policy engine.
- Windows cannot determine the user or computer name. Return value
(1722).
- Windows cannot access the registry information at \\<domaine
name>\sysvol\<domain
name>\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\Machine\registry.pol
with (1351).

Do you have any idea to solve this problem?
Click to expand...

Is the DC multihomed?
I ask because this is the usual error on a multihomed DC with incorrect
bindings and binding order.
Right click on Network Places choose properties, then in the Advanced menu
select Advanced settings, in the connections pane move the internal
interface to the top of the list and bind file sharing and Client for MS
Networks.

Make sure DNS is listening only on the internal IP address and add the
registry entry below using regedt32 to stop the creation of the (same as
parent folder) host LDAP IP address record. You will have to manually add
the (same as parent folder) record for the internal interface.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ

LdapIpAddress
 
Back
Top