Re: GP cannont find Domain Controller

From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 12/01/04

  • Next message: l_stocky: "Re: GP cannont find Domain Controller" 
    Date: Tue, 30 Nov 2004 23:35:55 -0700

    OK, so netdiag run on the DC see no problem.
    Does dcdiag find anything? The thinking here is that
    if netdiag is clean, then it is not a location issue so it
    is possibly an auth / binding problem. 

    -- 
Roger Abell
Microsoft MVP (Windows  Security)
MCSE (W2k3,W2k,Nt4)  MCDBA
"l_stocky" <lstocky@discussions.microsoft.com> wrote in message
news:1213508B-9DB9-4DD5-A8FC-5F49B6D82975@microsoft.com...
> there is only one DC - so by implication, the tests were run on the DC.
> DNS server is running and at least apparently working ok
>
> "Roger Abell" wrote:
>
> > If the netdiag was run on a member, then also run it on DCs.
> > If it come out clean on the DCs, then verify what DNS server(s)
> > are in use on the machine where you experience this.  They must
> > only be DNS servers able to locate the DNS zone(s) supporting
> > the AD forest.
> > If all those are OK we must look further, but those are the most
> > frequently seen issues.
> > -- 
> > Roger Abell
> > Microsoft MVP (Windows  Security)
> > MCSE (W2k3,W2k,Nt4)  MCDBA
> > "l_stocky" <lstocky@discussions.microsoft.com> wrote in message
> > news:A233F537-30CB-458F-8C28-F6F840765A7A@microsoft.com...
> > > When attempting to access GP through AD a dialogue box appears with
the
> > > following message:
> > > The domain controller for Group Policy operations is not available.
You
> > may
> > > cancel this operation for this sessio or retry using one of the
following
> > > domain controller choices:
> > >
> > > - The one with the Operations Master token for the PDC emulator
> > > - The one used by the Active Directory Snap-ins
> > > - Use any avilable domain controller
> > >
> > > OK/Cancel
> > >
> > > None of the above options give any joy.
> > >
> > > 'netdiag' returns no problems but 'gpotool' informs me:
> > > server.intermark.com down (sysvol only)
> > > Error: DC list is empty
> > >
> > > Every five minutes an event of 'Error 1000' is registered in Event
Viewer
> > >
> > > Application Log which provides the following details:
> > >
> > > Windows cannot access the registry information at
> > >
> >
\\domain.com\sysvol\domain.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F
> > 9}\Machine\registry.pol with (53).
> > >
> > > I've checked the permissions on the policy containers and can't see
> > anything
> > > untoward - don't know
> > >
> > > There are a few similar postings but nothing of this nature exactly -
so
> > can
> > > anyone help.
> > >
> > > Appreciate any advise, many thanks
> > >
> >
> >
> >
  • Next message: l_stocky: "Re: GP cannont find Domain Controller"

    Relevant Pages

    • Re: Netdiag kerberos failure
      ... important for kerberos. ... keep in time synch with the domain controller that is the pdc fsmo which is the time ... Check the Event Viewer on the domain controller and run first netdiag on it and then ... assigned IP address as it's preferred dns server in tcp/ip properties and W2K/Xp Pro ...
      (microsoft.public.win2000.networking)
    • Re: Assign Domain Security Policy/Manage remote computer
      ... > I've run netdiag and dcdiag on the domain controller (Active Directory ... > The dc does refer to itself as it's DNS server. ... > Not done anything more with the IPSec config yet, ...
      (microsoft.public.win2000.security)
    • Re: Netdiag errors, again, [FATAL] Invalid DNS entries
      ... > specific DNS suffixes, ... > primary DNS suffix) restarted DNS server, ran Netdiag, ... Then run ipconfig /flushdns, ipconfig /registerdns and ...
      (microsoft.public.win2000.dns)
    • Re: Netdiag DNS error
      ... > was why this error keeps popping up in netdiag: ... Interfaces tab of the DNS server properties. ... When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue, to respond directly to me remove the nospam. ...
      (microsoft.public.win2000.dns)