Okay, I've nowhere else to turn. I've been looking into this for a few days and can't seem to find any info on it.
Our environment: Mixed 2000/2003 domain, a few DC's...All but one is 2003. I am in the process of taking this last 2000 DC out of comission and putting a 2003 in it's place. I just built a new 2003 SP1 server like I have in the past and dcpromo'd it to a DC. Server has a static IP and DNS is pointing to itself. I haven't had any issues in the past when dcpromo'ing servers...
Rebooted it after DCPROMO and it took a while (10 minutes or so) to actually get to the logon screen.
I have ran dcdiag and netdiag and all tests are passing.
Errors in event viewer are:
Application log:
Event ID 1053
Windows cannot determine the user or computer name. (The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you. ). Group Policy processing aborted.
Event ID 53258
MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: %1
Event ID 53258
MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: d:\nt\com\complus\dtc\dtc\adme\uiname.cpp:9280, Pid: 476
No Callstack,
CmdLine: C:\WINDOWS\system32\msdtc.exe
Directory Service Logs:
Event ID 2088
Active Directory could not use DNS to resolve the IP address of the source domain controller listed below. To maintain the consistency of Security groups, group policy, users and computers and their passwords, Active Directory successfully replicated using the NetBIOS or fully qualified computer name of the source domain controller.
Invalid DNS configuration may be affecting other essential operations on member computers, domain controllers or application servers in this Active Directory forest, including logon authentication or access to network resources.
You should immediately resolve this DNS configuration error so that this domain controller can resolve the IP address of the source domain controller using DNS.
Alternate server name:
spam-l3
Failing DNS host name:
205743d0-7d99-43f5-b3da-20795394b20f._msdcs.domain.com
Event ID: 40960
The Security System detected an authentication error for the server LDAP/Localhost. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
(0xc000005e)".
Event ID 5781:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.chemspec.com.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
Any help is greatly appreciated...I think I installed DNS when I installed 2003. I think in the past, during the dcpromo, dns was installed. Should matter though...DNS appears to be working as I can ping from the server in question to all the other DC's...
Our environment: Mixed 2000/2003 domain, a few DC's...All but one is 2003. I am in the process of taking this last 2000 DC out of comission and putting a 2003 in it's place. I just built a new 2003 SP1 server like I have in the past and dcpromo'd it to a DC. Server has a static IP and DNS is pointing to itself. I haven't had any issues in the past when dcpromo'ing servers...
Rebooted it after DCPROMO and it took a while (10 minutes or so) to actually get to the logon screen.
I have ran dcdiag and netdiag and all tests are passing.
Errors in event viewer are:
Application log:
Event ID 1053
Windows cannot determine the user or computer name. (The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you. ). Group Policy processing aborted.
Event ID 53258
MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: %1
Event ID 53258
MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: d:\nt\com\complus\dtc\dtc\adme\uiname.cpp:9280, Pid: 476
No Callstack,
CmdLine: C:\WINDOWS\system32\msdtc.exe
Directory Service Logs:
Event ID 2088
Active Directory could not use DNS to resolve the IP address of the source domain controller listed below. To maintain the consistency of Security groups, group policy, users and computers and their passwords, Active Directory successfully replicated using the NetBIOS or fully qualified computer name of the source domain controller.
Invalid DNS configuration may be affecting other essential operations on member computers, domain controllers or application servers in this Active Directory forest, including logon authentication or access to network resources.
You should immediately resolve this DNS configuration error so that this domain controller can resolve the IP address of the source domain controller using DNS.
Alternate server name:
spam-l3
Failing DNS host name:
205743d0-7d99-43f5-b3da-20795394b20f._msdcs.domain.com
Event ID: 40960
The Security System detected an authentication error for the server LDAP/Localhost. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
(0xc000005e)".
Event ID 5781:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.chemspec.com.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
Any help is greatly appreciated...I think I installed DNS when I installed 2003. I think in the past, during the dcpromo, dns was installed. Should matter though...DNS appears to be working as I can ping from the server in question to all the other DC's...
