Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error
From: Kevin D. Goodknecht [MVP] (admin_at_nospam.LSAOL.COM)
Date: 03/02/04
- Next message: Anthony: "VPN on 2000 professional"
- Previous message: Ace Fekay [MVP]: "Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error"
- In reply to: Ohaya: "Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error"
- Next in thread: Ohaya: "Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error"
- Reply: Ohaya: "Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 1 Mar 2004 19:58:01 -0600
In news:4043BF86.F36813F@N_O_S_P_A_M_cox.net,
Ohaya <ohaya@N_O_S_P_A_M_cox.net> posted a question
Then Kevin replied below:
> "Ace Fekay [MVP]" wrote:
>>
>> In news:4042D440.FEF08EAC@N_O_S_P_A_M_cox.net,
>> Ohaya <ohaya@N_O_S_P_A_M_cox.net> posted their thoughts, then I
>> offered mine
>>
>>> Kevin,
>>>
>>> You have some good questions, and I only have answers to some of
>>> them unfortunately :(...
>>>
>>> First of all, my desire/intention is to build this 2-machine network
>>> such that it's kind of a standalone ("standalone", in a limited
>>> sense) Windows domain, but physically connected to an external
>>> network.
>>>
>>> The "machine A" runs an IIS web server, and we need "inward" access
>>> (from clients on the external network) to this web server, but, in
>>> general, we don't need, or want to allow, "outward" access (from
>>> machine
>>> A, or machine B) to the external network.
>>>
>>> The reason for the machine A/machine B configuration is that
>>> machine B runs a database which is accessed by our web application
>>> (which runs on machine A), and also, we want to manage all the
>>> machines on this internal network (consisting of machines A & B)
>>> using GPOs, etc. from machine A.
>>>
>>> Now here's the way that I think that things work (and they are, for
>>> the
>>> most part, working):
>>>
>>> You noted that we don't define a gateway for either NIC2 on machine
>>> A or
>>> NIC1 on machine B, but you'll also note that NIC2/machine A and
>>> NIC1/machine B are on the same subnet (IP addresses 192.168.1.xx).
>>> In addition, both NIC2/machine A and NIC1/machine B point to
>>> machine B for
>>> their DNS server.
>>>
>>> [I'm being a bit vague here] When something in machine A wants to
>>> connect to either machine A or machine B, since the DNS IP address
>>> points to machine B, name resolution gets handled by the DNS server
>>> on machine B.
>>>
>>> As to how it "gets out without a gateway", I think it works somewhat
>>> akin to a 2-computer network using a cross-over cable (and without a
>>> router) but, in our case, we're using a switch between the 2
>>> computers (instead of a cross-over cable). My understanding is
>>> that in such a configuration, packets with source/destination
>>> address get sent out the
>>> NIC on the source machine, and the machine with the matching
>>> destination address will simply receive those packets.
>>>
>>>
>>> Here are the answers to some of your questions (I think):
>>>
>>> Q1) "How is the internal DNS resolving external names with out a
>>> gateway?"
>>> A1) We DON'T WANT the internal DNS (on machine B) to resolve
>>> external names.
>>>
>>> Q2) "Do you have NAT on the member server?"
>>> A2) No, we don't.
>>>
>>> Q3) "You have no gateways listed for any NIC, how do you get out
>>> without
>>> a gateway?
>>> A3) My guess is per what I wrote above.
>>>
>>>
>>> BTW, you mentioned above that:
>>>
>>> "> You cannot have TCP/IP without DNS in Win2k if you leave DNS
>>> blank it
>>> will
>>>> pick up the loopback address or use DHCP to get the DNS server."
>>>
>>> Do you know that the above (that it will either default to the
>>> loopback address or use DHCP to get the IP of the DNS server) is
>>> true? The
>>> reason that I'm asking is that this might be at least part of the
>>> question in my earlier thread ("How is resolution working?").
>>>
>>> If so, can you point me to some documentation about this? Also, if
>>> you
>>> know, under what circumstances would it default to the loopback
>>> address
>>> vs. trying to get the DNS server IP from DHCP?
>>>
>>> Jim
>>
>> To add, if you want external communication, you'll need to specify a
>> gateway, unless you do not want to have Inernet communication from
>> this machine?
>>
>
>
> Hi Ace et al,
>
> I was testing all weekend with my new test setup, and I think that
> I've figured out what's going, at least partially, mainly with the
> DNS part. I still can't figure out what's going on with the subject
> of this thread though (the Event ID problem).
>
> The explanation is going to be a bit complicated, but I'll try to
> touch on the main points.
>
> Basically, I started looking at what was happening to the routing
> table ("route print") on the multi-homed machine when I made various
> changes to the GWY and DNS pointers on NIC1 and NIC2.
>
> It turns out that if the GWY is populated in both NIC1 and NIC2, two
> default routes (Destination 0.0.0.0) get created in the routing table.
> For example, if one NIC has IP 192.168.0.9, GWY 192.168.0.1 and the
> other NIC has IP 192.168.1.111, GWY 192.168.1.110, the entries look
> something like:
>
> 0.0.0.0 ................. 192.168.0.1 192.168.0.109 1
> 0.0.0.0 ................. 192.168.1.109 192.168.1.110 1
>
> As I understand it, the routing logic will look for a match between
> the destination address in a packet and the entries in the routing
> table, and when it finds the best match, that determines which
> interface the packet will be sent out on (ok, that explanation is
> somewhat simplistic).
>
> In my case, I always had Metric set to 1, so basically what I found
> was the ORDER that these routes were being added to the routing table
> would depend on the ORDER in which I added the GWY pointers to the
> NICs.
>
> If I just happened to get the order one way, so that the 0.0.0.0
> destination route entry with the 192.168.0.1 GWY was higher priority,
> then pings to the external network would be able to get to the
> external network via the "Default Gateway" of 192.168.0.1 (which was
> a router on the external network), and from there to the open
> Internet.
>
> If I just happened to get the order the other way, so that the 0.0.0.0
> destination route entry with the 192.168.1.109 GWY was higher
> priority, then all outgoing traffic, including pings to the external
> network, would instead be routed through the 192.168.1.110 NIC back
> into my small network. Remember, the only other machine on this
> small network was machine B, so basically, these packets would get
> responded to with an "unreachable".
>
>
> An additional item is that it appears that if any of the NICs in the
> machine have a specific IP address (e.g., 192.168.1.110), a route to
> the entire subnet gets added that looks some like:
>
> 192.168.1.0 ............... 192.168.1.110 192.168.1.110 1
>
> Note that the above route will, by itself, provide a way for packets
> with destination addresses on the 192.168.1 subnet to get to the
> 192.168.1 subnet. Since this is the case, this means that even I
> don't have a default route that can get me to the 192.168.1 subnet, I
> can still get to the 192.168.1 subnet via the above route. This is
> why I was able to still resolve the names of machines on my internal
> network (served by the DNS server on machine B) even when I didn't
> have a GWY setting on the NIC.
>
> As I said above, a bit complicated :(...
>
>
> Ok, now that I've figured that out, there's still the matter of the 2
> Event IDs in my original post.
>
> I've figured out one of them, the warning about the browser, by
> disabling the Alerter and the BITs service, but I'm still getting the
> Event ID 1000 (userenv).
>
> Before we get into that, can someone explain what this error is
> exactly? It looks like it's saying that the machine can't access a
> certain file (registry.pol) on my DC?
>
> If that is correct, what is the ramification of this? What kind of
> problem will it cause?
>
> Also, as I mentioned in one of my original posts, yes, I can click
> through My Network Places to the DC, then to SYSVOL directory, then on
> downward all the way to the registry.pol file on my DC.
>
> Since I *can* do that, doesn't that imply that this machine CAN access
> registry.pol on my DC? And if THAT is correct, then why am I still
> getting this error??
No, the sysvol share is not found by other machines using the machine name
in the same way as using Network places. It is a DFS share and is accessed
by the domain name, not by the machine name. DFS shares cannot be browsed to
in Network places. It can be published in Network places as
\\foo1.com\sysvol.
What happens when you type this in your browser \\foo1.com\sysvol which is
the root of the DFS share?
When you run ipconfig /displaydns what is the IP address of the foo1.com
record?
-- Best regards, Kevin D4 Dad Goodknecht Sr. [MVP] Hope This Helps ============================ -- When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. To respond directly to me remove the nospam. from my email. ========================================== http://www.lonestaramerica.com/ ========================================== Use Outlook Express?... Get OE_Quotefix: It will strip signature out and more http://home.in.tum.de/~jain/software/oe-quotefix/ ========================================== Keep a back up of your OE settings and folders with OEBackup: http://www.oehelp.com/OEBackup/Default.aspx ==========================================
- Next message: Anthony: "VPN on 2000 professional"
- Previous message: Ace Fekay [MVP]: "Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error"
- In reply to: Ohaya: "Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error"
- Next in thread: Ohaya: "Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error"
- Reply: Ohaya: "Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
