Re: No Netlogon Service

Tech-Archive recommends: Fix windows errors by optimizing your registry

Miha,

Thanks for the response.

Yes, all servers are Global Catalogs.
FSMO roles were transferred to the server that has the NETLOGON service
running.
I did decommission the Windows 2000 server by running dcpromo.

The Application log on the server that HAS netlogon has a bunch of errors
about not being able to access Group Policy objects as well as errors that it
says it's receiving because my server is in a mixed domain.

The System log on that server is unremarkable.

The Application log on the server that DOESN'T have netlogon has a bunch of
errors about not being able to access Group Policy objects as well as errors
dealing with not beign able to find the machine account (1097).

The System log on that server has something about a PAC verification failure
(7).

Paul


"Miha Pihler [MVP]" wrote:

> Hi Paul,
>
> Did you make all new server Global Catalogs?
> Did you move FSMO roles?
> How did you decommission Windows 2000 domain controller? Did you run dcpromo
> on it?
>
> Can you check Event logs (specially System and Application) for any errors
> on your remaining domain controllers?
>
> --
> Mike
> Microsoft MVP - Windows Security
>
> "Paul Smith" <PaulSmith@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:4802805E-137C-444C-AC35-EE7E998B059A@xxxxxxxxxxxxxxxx
> > We have installed two Windows 2003 servers into an environment that
> > previously had a single Windows 2000 server. All three servers were set
> > up
> > as DC's. Everything replicates nicely in AD and in the SYSVOL shares.
> >
> > Since the installation, I have demoted and decommissioned the Windows 2000
> > server.
> >
> > Since the decommissioning, I've noticed that the NETLOGON service was
> > never
> > added to one of the servers (for the sake of argument call it 2003 Server
> > 1).
> > If 2003 Server 2 goes down, for whatever reason, no one can login to 2003
> > Server 1. The NETLOGON service also doesn't show up in the Services
> > section
> > on the server. I've looked, and lsass.exe is running in the task manager
> > on
> > that server.
> >
> > Any ideas of what can be done?
>
>
>
.

Relevant Pages

  • RE: NT 4 decommission
    ... you require to decommission previous Windows ... NT 4.0 server. ... Microsoft does not support to demote NT BDC to NT member server. ...
    (microsoft.public.windows.server.migration)
  • Re: how can we migrate 2000 to 2003 without rejoin user to new domain
    ... You encountered the following error when migrating computer account: ... The machine might be down or its Server, ... Netlogon service might not be started. ... Open Windows explorer, navigate to ...
    (microsoft.public.windows.server.migration)
  • Re: Preparation to decommission original DC in Forest
    ... I have an original Windows 2000 Server that established my domain. ... to decommission my original DC (and soon redeploy it with Windows Server ... orginal Admin user certificate or some other precautionary procedure to ...
    (microsoft.public.windows.server.active_directory)
  • Re: joining domain RPC server unavailable
    ... The NETLOGON service must be started to be able to authenticate with the domain controller. ... I get an error that the RPC server is unavailable when i try to Join the pc ... Static Ip on the client with dns pointing to server ... Both RPC & RPC locator services are running on both server and vista client ...
    (microsoft.public.windows.server.active_directory)
  • Services not starting on 2000 Server
    ... I have a major problem with a server, that I hope some one can help me with. ... with the "netlogon service" and/or the "kerberos key distribution center". ... The same error is stated in the eventlog with event ID 7023 ... server is running with service pack 4. ...
    (microsoft.public.win2000.general)