Active Directory DC Hangs when lmcompatibility is set 4

Hello,

I have this nagging issue regarding my two ADDC's. If I set the
lmcompatibility level (Network Security: Lan Manager authentication level) to
anything higher than 3, either in the registry or through group policy, the
ADDC hangs after reboot. The DC would hang at "Preparing Network Connections"
for about a good 45 minutes before a pop up windows appears saying that "...a
service failed to start."

I did more digging since I am able to replicate the problem after restoring
the system back to a setting of 3 and found the following in the event logs?

DIRECTORY SERVICE EVENT LOGS:
Event Type: Information
Event Source: NTDS General
Event Category: Service Control
Event ID: 1000
Date: 6/12/2007
Time: 8:32:50 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC03
Description:
Microsoft Active Directory startup complete, version 5.2.3790.1830

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: NTDS Backup
Event Category: Backup
Event ID: 1913
Date: 6/12/2007
Time: 8:35:50 AM
User: N/A
Computer: DC03
Description:
Internal error: The Active Directory backup and restore operation
encountered an unexpected error.

Backup or restore will not succeed until this is corrected.

Additional Data
Error value:
1062 The service has not been started.
Internal ID:
160200fa

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: NTDS General
Event Category: Global Catalog
Event ID: 1126
Date: 6/12/2007
Time: 8:47:50 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC03
Description:
Active Directory was unable to establish a connection with the global
catalog.

Additional Data
Error value:
1792 An attempt was made to logon, but the network logon service was not
started.
Internal ID:
3200cd1

User Action:
Make sure a global catalog is available in the forest, and is reachable from
this domain controller. You may use the nltest utility to diagnose this
problem.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

Event Type: Information
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1555
Date: 6/12/2007
Time: 9:03:20 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC03
Description:
The local domain controller will not be advertised by the domain controller
locator service as an available domain controller until it has completed an
initial synchronization of each writeable directory partition that it holds.
At this time, these initial synchronizations have not been completed.

The synchronizations will continue.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

DNS EVENT LOGS:
Event Type: Warning
Event Source: DNS
Event Category: None
Event ID: 4013
Date: 6/12/2007
Time: 8:07:04 AM
User: N/A
Computer: DC03
Description:
The DNS server was unable to open the Active Directory. This DNS server is
configured to use directory service information and can not operate without
access to the directory. The DNS server will wait for the directory to
start. If the DNS server is started but the appropriate event has not been
logged, then the DNS server is still waiting for the directory to start.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: f5 25 00 00 õ%..

SYSTEM EVENT LOGS:
Event Type: Error
Event Source: Distributed Link Tracking Server
Event Category: None
Event ID: 12502
Date: 6/12/2007
Time: 7:52:46 AM
User: N/A
Computer: PDC03
Description:
Service failed to start. Error = 80070862

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 6/12/2007
Time: 7:56:17 AM
User: N/A
Computer: DC03
Description:
The server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} did not register with DCOM
within the required timeout.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

SECURITY EVENT LOGS:
Nothing in the security event logs to indicate any authentication issues.
.

Relevant Pages

  • Re: ID 7011 from Srvc Cntrl Mgr during logon/offs
    ... On the DNS Server, create the DNS Forwarder to forward the external ... Microsoft CSS Online Newsgroup Support ... This newsgroup only focuses on SBS technical issues. ... you may want to contact Microsoft CSS directly. ...
    (microsoft.public.windows.server.sbs)
  • Security Audits.
    ... I sent the following letter to our Anti-Virus support team; ... Windows security event logs becoming clogged and full of Failure audits of ... Event Source: Security ... the constantly filling event logs make for more frequent than ...
    (microsoft.public.windowsmedia)
  • Re: XP Freezes on Welcome Screen
    ... Dell Computer Corporation OptiPlex GX240 ... 1QFDF0J (support for this PC) ... Event Type: Warning ... the DNS server contacted refused the update request. ...
    (microsoft.public.windowsxp.perform_maintain)
  • RE: User random cut off with error 1030
    ... In addition, you may also want to use your local support options, such as ... Suppose you have 2 network adapters in your SBS 2003 server and your ... pointing to the server's internal IP as their ONLY DNS server. ... Internet DNS servers are configured in the DNS's Forwarders list (in DNS ...
    (microsoft.public.windows.server.sbs)
  • Re: Standard / Default SBS 2003 R2 Service Settings
    ... Here are the last four unscheduled restart event logs. ... see Help and Support Center at ... Symantec Groupware Antivirus, Quarantine Agent, Symantec LiveUpdate and ... Symantec Reporting Agent. ...
    (microsoft.public.windows.server.sbs)