RE: Error binding to local domain
- From: Steve Larson <SteveLarson@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sun, 21 Aug 2005 08:03:02 -0700
Joan,
I also upgraded to SBS SP1 and ISA 2004. I did not notice the problem right
away because I was away for a couple weeks and I do not force permissions on
directories everyday.
The workaround I am using right now is to login with a local admin account
and add the permissions. I have to authenticate with the domain using a
domain account that is not the domain admin, but it works. I still need to
get this fixed and troubleshooting is taking longer than I would like because
I am not able to just sit down and work on it.
Steve
"Joan van den Heuvel, Netherlands" wrote:
> Steve, Charles,
>
> I have the same problem, no luck in resolvoing so far.
> My problem came up when I installed SBS SP1 (with ISA 2004!)
> IMHO ISA 2004 can be the problem. It replaced ISA 2000.
>
> What's your opinion?
>
>
> "Steve Larson" wrote:
>
> > I am receiving an error in the event log when I try to resolve a domain user
> > name on a client machine (i.e. add a domain user to the permissions on a
> > folder or add domain user to a group) when authenticating as the domain
> > administrator. The permissions dialog just times out trying to resolve the
> > user. The machine is a member of the domain, has XP SP2 installed, and has
> > allowed the same type of permissions updates in the past. The user name is
> > able to be resolved when authenticating as another domain user.
> >
> > This is the message in the client event log. "Windows cannot bind to
> > [MyLocalDomain].local domain. (Local Error). Group Policy processing
> > aborted." Source: Userenv, EventID: 1006 and is always followed by the
> > following event "Windows cannot query for the list of Group Policy objects. A
> > message that describes the reason for this was previously logged by the
> > policy engine." Source: Userenv, EventID: 1030.
> >
> > I have dropped a machine to a workgroup and rejoined it to the domain but
> > get the same results.
> >
> > I did not find a machine personal certificate listed in MMC. When I try to
> > add a certificate, I received an error dialog stating that the wizard could
> > not be started because Active Directory could not be contacted. The
> > [MyLocalDomain] Root Certificate Authority and the
> > [DomainController].[MyPublicDomain] are listed in the Certificates for
> > Trusted Root Certification Authorities. (All this as logged in as domain
> > administrator).
> >
> > I have pasted the help and Support link text at the end of this but nothing
> > seemed to be much help there (I was not able to get the Win2000 netdiag tool
> > to run.)
> >
> > I have also pasted part of the client machine logfile for userenv at the end.
> >
> > Any ideas on where else to troubleshoot?
> >
> > Steve
> > ======
> > Details
> > Product: Windows Operating System
> > ID: 1006
> > Source: Userenv
> > Version: 5.2
> > Symbolic Name: EVENT_FAILED_DS_BIND
> > Message: Windows cannot bind to %1 domain. (%2). Group Policy processing
> > aborted.
> >
> > Explanation
> > An Active Directory, network connectivity, or network configuration problem
> > prevents Group Policy settings from being applied. Group Policy processing
> > for the computer or user failed and will continue to fail until this problem
> > is resolved.
> >
> >
> > User Action
> > To troubleshoot this problem, try one or all of the following:
> >
> >
> > In Event Viewer, review the event description. Look for additional details
> > regarding why the computer has an account problem.
> > In Event Viewer, in the System folder, check for any networking-related
> > messages, such as Netlogon messages, that indicate a network connectivity
> > issue.
> > At the command prompt, type netdiag, and review any errors. Typically, you
> > must resolve these errors before Group Policy processing can continue.
> > (Netdiag is available as part of the Windows 2000 Support tools. To download
> > the Netdiag tool, see "Windows 2000 Support Tools: Netdiag.exe Update" at the
> > Microsoft Download Center Web site.)
> > At the command prompt, type gpupdate, and then check Event Viewer to see
> > whether the Userenv events are logged again.
> > Verify that the domain controller can be contacted through Domain Name
> > System (DNS), by trying to access \\mydomain.com\sysvol\mydomain.com, where
> > mydomain.com represents the fully qualified DNS name of your domain.
> > Verify that you can access the domain controller by using tools such as the
> > Active Directory Users and Computers.
> > Check to see whether other computers on your network are having the same
> > problem.
> > If this is a forest trust scenario, ensure that the forest for the user
> > account is currently available and can be contacted from the computer where
> > policy processing failed.
> > Use verbose logging to debug this error. The log file explains the specific
> > error.
> > (For information about enabling userenv logging, see article 221833, “How to
> > Enable User Environment Debug Logging in Retail Builds of Windows,” in the
> > Microsoft Knowledge Base.)
> >
> > If none of the above actions identified the problem, see “Troubleshooting
> > Group Policy in Windows Server 2003,” at the Microsoft Website.
> >
> >
> >
> > --------------------------------------------------------------------------------
> >
> >
> > Currently there are no Microsoft Knowledge Base articles available for this
> > specific error or event message. For information about other support options
> > you can use to find answers online, see
> > http://support.microsoft.com/default.aspx.
> >
> > ================================
> >
> > USERENV(23c.240) 13:50:42:546 CUserProfile::CleanupUserProfile: Ref Count is
> > not 0
> > USERENV(23c.240) 13:50:42:546 CUserProfile::CleanupUserProfile: Ref Count is
> > not 0
> > USERENV(23c.240) 13:50:42:546 CUserProfile::CleanupUserProfile: Ref Count is
> > not 0
> > USERENV(23c.390) 13:50:45:968 GetGPOInfo: Local GPO's gpt.ini is not
> > accessible, assuming default state.
> > …
> > USERENV(21c.1e4) 14:36:28:066 GetGPOInfo: Local GPO's gpt.ini is not
> > accessible, assuming default state.
> > USERENV(21c.9e0) 14:42:42:040 GetGPOInfo: Local GPO's gpt.ini is not
> > accessible, assuming default state.
> > USERENV(21c.8e8) 14:45:30:026 GetGPOInfo: ldap_bind_s failed with = <82>
> > USERENV(21c.8e8) 14:45:30:026 ProcessGPOs: GetGPOInfo failed.
> > USERENV(21c.de0) 14:49:52:818 GetGPOInfo: Local GPO's gpt.ini is not
> > accessible, assuming default state.
> > USERENV(21c.220) 14:50:40:776 MyRegUnLoadKey: Failed to unmount hive 00000005
> > USERENV(21c.220) 14:50:40:776 DumpOpenRegistryHandle: 2 user registry
> > Handles leaked from
> > \Registry\User\S-1-5-21-2015966859-3956188738-1632115047-1142
> > USERENV(21c.220) 14:50:40:776 UnloadUserProfileP: Didn't unload user profile
> > <err = 5>
> > …
> > USERENV(214.3a4) 12:29:44:260 GetGPOInfo: Local GPO's gpt.ini is not
> > accessible, assuming default state.
> > USERENV(214.3e8) 13:14:14:139 GetGPOInfo: Local GPO's gpt.ini is not
> > accessible, assuming default state.
> > USERENV(214.218) 13:53:28:053 SetNtUserPolTime: couldn't get file
> > attributes <C:\Documents and Settings\brucel\ntuser.pol>, error = 2
> > USERENV(214.218) 13:53:28:053 UnloadUserProfile: Failed to SetNtUserPolTime,
> > hr = 80070002
> > USERENV(214.864) 13:54:57:909 GetGPOInfo: ldap_bind_s failed with = <82>
> > USERENV(214.864) 13:54:57:925 ProcessGPOs: GetGPOInfo failed.
> > USERENV(214.3e8) 14:11:24:142 GetGPOInfo: Local GPO's gpt.ini is not
> > accessible, assuming default state.
> > USERENV(214.e6c) 14:12:23:061 GetGPOInfo: ldap_bind_s failed with = <82>
> > USERENV(214.e6c) 14:12:23:076 ProcessGPOs: GetGPOInfo failed.
> > USERENV(21c.220) 14:20:40:234 CUserProfile::CleanupUserProfile: Ref Count is
> > not 0
> > USERENV(21c.220) 14:20:40:250 CUserProfile::CleanupUserProfile: Ref Count is
> > not 0
> > USERENV(21c.220) 14:20:40:250 CUserProfile::CleanupUserProfile: Ref Count is
> > not 0
> > USERENV(21c.3c8) 14:20:42:828 GetGPOInfo: Local GPO's gpt.ini is not
> > accessible, assuming default state.
> > USERENV(21c.1e4) 14:21:07:703 GetGPOInfo: Local GPO's gpt.ini is not
> > accessible, assuming default state.
> > USERENV(21c.220) 14:23:51:984 CUserProfile::CleanupUserProfile: Ref Count is
> > not 0
> > USERENV(21c.220) 14:23:52:000 CUserProfile::CleanupUserProfile: Ref Count is
> > not 0
> > USERENV(21c.220) 14:23:52:000 CUserProfile::CleanupUserProfile: Ref Count is
> > not 0
> > USERENV(21c.60c) 14:24:05:625 GetGPOInfo: Local GPO's gpt.ini is not
> > accessible, assuming default state.
> > USERENV(21c.3a0) 14:25:42:958 GetGPOInfo: ldap_bind_s failed with = <82>
> > USERENV(21c.3a0) 14:25:42:958 ProcessGPOs: GetGPOInfo failed.
> > USERENV(21c.b5c) 15:13:55:042 GetGPOInfo: Local GPO's gpt.ini is not
> > accessible, assuming default state.
> > USERENV(21c.220) 15:56:21:957 SetNtUserPolTime: couldn't get file
> > attributes <C:\Documents and Settings\brucel\ntuser.pol>, error = 2
> > USERENV(21c.220) 15:56:21:973 UnloadUserProfile: Failed to SetNtUserPolTime,
> > hr = 80070002
> > …
> > USERENV(21c.220) 13:14:08:822 SetNtUserPolTime: couldn't get file
> > attributes <C:\Documents and Settings\brucel\ntuser.pol>, error = 2
> > USERENV(21c.220) 13:14:08:822 UnloadUserProfile: Failed to SetNtUserPolTime,
> > hr = 80070002
> > …
> > USERENV(21c.ea0) 09:09:07:735 GetGPOInfo: ldap_bind_s failed with = <82>
> > USERENV(21c.ea0) 09:09:07:735 ProcessGPOs: GetGPOInfo failed.
> > USERENV(21c.1d0) 09:38:34:610 GetGPOInfo: Local GPO's gpt.ini is not
> > accessible, assuming default state.
> > USERENV(fac.e3c) 10:48:11:923 LibMain: Process Name:
> > C:\WINDOWS\system32\NOTEPAD.EXE
> > USERENV(c9c.188) 10:50:16:360 LibMain: Process Name:
> > C:\WINDOWS\system32\NOTEPAD.EXE
> >
.
- Follow-Ups:
- RE: Error binding to local domain
- From: "Charles Yang [MSFT]"
- RE: Error binding to local domain
- References:
- Error binding to local domain
- From: Steve Larson
- RE: Error binding to local domain
- From: Joan van den Heuvel, Netherlands
- Error binding to local domain
- Prev by Date: system volume information folder
- Next by Date: RE: system volume information folder
- Previous by thread: RE: Error binding to local domain
- Next by thread: RE: Error binding to local domain
- Index(es):
Relevant Pages
|
