Probable DNS problem with AD

[schase]

Howdy,

Having a recent situation where Workstations are getting the error of: Event 1053 - Userenv. "Windows cannot determine the user or computer name. (the RPC Server is unavailable) Group Policy processing aborted. Or I will get the error: Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40961
Description:The Security System could not establish a secured connection with the server ldap/server. No authentication protocol was available.

But the clients will also get a "Security policy in the Group Policy objects has been applied successfully".

There are zero errors on the server’s logs relating to this – or any directory errors.

Here is my setup.

Router has DNS set to my server. Router also is the DHCP server.

Server has private IP Address. Server running SBS 2000. As such it has AD, Hosts websites & DNS Server.

DNS on the server has forwarders set to my ISP's DNS. The servers NIC card has obtain DNS automatically from DHCP server. All workstations are also private IP address via DHCP given out by the Router.

-If I type Net View from a cmd prompt, I can see all workstations on the network.
-If I type a nslookup for my domain – it will return the correct name and IP address.
-Any shares or printer shares are accessible without problems.

If I run a dcdiag /v /s: (server.domain_name) it will return.

….
Hmmm earlier it wouldn’t locate the DC – now it is. And here are the summaries.

Server passed test connectivity
Server failed test NCSecDesc
Server passed test NetLogons
Server passed test Advertising
Server passed test KnowsOfRoleHolders
Server passed test RidManager
Server passed test MachineAccount
Server passed test Services
Server passed test ObjectsReplicated
Server passed test frssysvol
Server passed test frsevent
Server passed test kccevent
Server failed test systemlog
Server passed test VerifyReferences
Passed test Intersite
Passed test FsmoCheck

And any workstations logging in take a considerable longer period of time to complete the login. Unfortunately I cannot track down exactly when this happened or what took place that may have caused it.

Is there any location or ideas of what I can check out to try and solve these issues?

Thank you in advance for your time.


"Ever stop to think, and forget to start again?"

Stuart
A+, Net+

 

[rstitzel]

Are your clients DNS settings pointing to your local DNS server that then forwards to your ISP's DNS servers.

I had a similar problem where I had the users picking up our external ISP's DNS numbers instead of our internal DNS server. So when they tried to resolve our internal Windows domain name it would try to find it out on the internet. I just change my DHCP DNS scope settings to go to our internal DNS server that then forwards to our ISP's DNS server. I had the users renew their ip's from DHCP and all was good.

FYI

 

[schase]

it's actually picking up the IP of the router for the DNS Servers.

The router though has the Server's IP for the DNS. Unless it is trying to bypass it somehow.

"Ever stop to think, and forget to start again?"

Stuart
A+, Net+

 

[dearingkr]

I wouldn't chance it. Configure your router to hand out the local server as DNS. At the least this will eliminate a potential problem.

MCSE CCNA CCDA

 

[schase]

Sorry if I was a bit vague - that was what I meant by the Router is handing out the servers ip address.

"Ever stop to think, and forget to start again?"

Stuart
A+, Net+

 

[AaronTanner]

Hello,
I have a server setup with windows server 2003, with 3 xp clients running off the server. I'm trying to set a group policy so i can force classic menus, for different visual styles, also prohibit access to folders like control panel, but i check my logs and it says

Windows cannot determine the user or computer name. (The RPC server is unavailable. ). Group Policy processing aborted.

I have a policy enforced, but when a user logs on it does not apply the policies that i set.

Can anyone please help me out with this, as it is quite important i get this going.




Thanks in advance