Question

How do I correct this event viewer error?

Asked by: jeamrotae

Event Type:      Error
Event Source:      NTDS General
Event Category:      Global Catalog
Event ID:      1126
Date:            10/28/2009
Time:            7:58:10 PM
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      EDU-SVR
Description:
Active Directory was unable to establish a connection with the global catalog.
 
Additional Data
Error value:
8430 The directory service encountered an internal failure.
Internal ID:
3200c89
 
User Action:
Make sure a global catalog is available in the forest, and is reachable from this domain controller.  You may use the nltest utility to diagnose this problem.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2009-11-07 at 06:52:28ID24880443
Tags

Server 2003

Topics

Windows 2003 Server

,

Active Directory

Participating Experts
4
Points
500
Comments
23

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. Event Id 1864, NTDS replication error
    I have NTDS replication error event id 1864 on Windows 2003 domain. Current setup is one single domain with 15 sites (and growing). Each site have 2 DCs + DNS. One DC at one site start having replication error event id 1864. How do I fix this? Is this the reason why Group Pol...
  2. Removed domain controller from network, Now I have ton…
    Hello, I recently setup a new server and made it a domain controller. Everything was working great until i removed the old domain controller from the network. Now I notice the new server takes a very long time to boot up. It seems to hang at preparing network connections....
  3. NTDS KCC errors
    I keep getting the following errors on my Domain Controllers. One is 2003 and is the PDC the second DC is an ISA 2004 server on windows 2000. Please help. Replication is not working correctly Event Type: Warning Event Source: NTDS KCC Event Category: Knowledge Consistency Ch...
  4. W2k3 NTDS Replication error - event id 1864
    I had one site with three domains: parent.net (two DCs: SRV01.parent.net and SRV02.parent.net), child1.parent.net (one DC: SRv05.child1.parent.net) and child2.parent.net (one DC: SRv06.child2.parent.net). DNS is AD integrated and all DCs use same DNS servers. For some licensi...
  5. Event ID Warning: 2089 NTDS Replication
    I just got this one today (maintenance can you tell): Event Type: Warning Event Source: NTDS Replication Event Category: Backup Event ID: 2089 Date: 1/3/2007 Time: 3:17:09 PM User: NT AUTHORITY\ANONYMOUS LOGON Computer: SERVER1 Description: This directory partition has n...
  6. NTDS Replication Warnings
    I have a empty root domain with one DC. I have one child domain with three DC's. Two of these DC's are in my DALLAS site the other DC is in a site in Oklahoma. I'm seeing some warnings on the two DC's that are in the Dallas Site. It is like if a change to a user is made on o...

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: MikeHolcombPosted on 2009-11-07 at 06:55:06ID: 25766510

The following Microsoft Technet article will provide you with the appropriate troubleshooting steps to resolve the event.  When I've had these issues in the past, there was an issue with the DNS server - typically it wasn't available due to the system reporting the issue.

http://technet.microsoft.com/en-us/library/cc756476%28WS.10%29.aspx

Hope this helps... good luck!

Mike

 

by: ms-proPosted on 2009-11-07 at 07:22:19ID: 25766570

  • How many dc's do you have ?? 
  • DFL (domain func. level)? 
  • the os version ?? 
  • when did you get the error, did you make any change to your domain fx. removeing a dc?? 

 

by: jeamrotaePosted on 2009-11-07 at 07:25:49ID: 25766576

Windows Enterprise 2003 Sp2
one domain controller
highest level
I was not removing a dc

 

by: ms-proPosted on 2009-11-07 at 07:40:26ID: 25766621

On the domain controller start the Active Directory Sites and Services snap-in. To start the snap-in, click Start, point to Programs, point to Administrative Tools, and then click Active Directory Sites and Services. In the console tree, double-click Sites, and then double-click sitename. Double-click Servers, click your domain controller, right-click NTDS Settings, and then click Properties. On the General tab, click to verify the Global catalog is marked if not please check the mark.

if yes then run dcdiag and provide os with the result, to do that

Start, Run, cmd + enter, type dcdiag + enter.

Verify global catalog DNS registrations:
Open the DNS snap-in and connect to a domain controller in the forest root domain.

Expand Forward Lookup Zones and then expand the forest root domain.

Click the _tcp container.

In the details pane, look in the Name column for _gc and in the Data column for the name of the server. The records that begin with _gc are global catalog SRV records.

 

by: jeamrotaePosted on 2009-11-07 at 08:00:57ID: 25766746

its mark checked

in dns _gc and at the Data the domain controller is there

i was not able to dcdiag because:
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>dcdiag
'dcdiag' is not recognized as an internal or external command,
operable program or batch file.

C:\Documents and Settings\Administrator>

 

by: ms-proPosted on 2009-11-07 at 08:10:42ID: 25766785

you need to run dcdiag on your dc with domain admins or enterprise admins membership, download from here

 

by: ms-proPosted on 2009-11-07 at 08:16:30ID: 25766812

ensure that the Netlogon service is running

 

by: CharlesdPosted on 2009-11-07 at 08:26:26ID: 25766861

Just make sure GC is checked on properties of NTDS settings in AD site & services. Even though it is checked just uncheck and again check the tick.
Wait for a minute or two you should see an information event which says GC is now available.
Try telneting the port to localhost 3268. In DNS mgmt. make sure GC entry exsits with port no.

Thats all i believe nothing much troubleshooting required under 1 DC scenario. Hope this resolves the issues.

Regards,
CharlesD

 

by: jeamrotaePosted on 2009-11-07 at 08:37:39ID: 25766908

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>dcdiag

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\EDU-SVR
      Starting test: Connectivity
         ......................... EDU-SVR passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\EDU-SVR
      Starting test: Replications
         ......................... EDU-SVR passed test Replications
      Starting test: NCSecDesc
         ......................... EDU-SVR passed test NCSecDesc
      Starting test: NetLogons
         ......................... EDU-SVR passed test NetLogons
      Starting test: Advertising
         ......................... EDU-SVR passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... EDU-SVR passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... EDU-SVR passed test RidManager
      Starting test: MachineAccount
         ......................... EDU-SVR passed test MachineAccount
      Starting test: Services
         ......................... EDU-SVR passed test Services
      Starting test: ObjectsReplicated
         ......................... EDU-SVR passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... EDU-SVR passed test frssysvol
      Starting test: frsevent
         ......................... EDU-SVR passed test frsevent
      Starting test: kccevent
         ......................... EDU-SVR passed test kccevent
      Starting test: systemlog
         ......................... EDU-SVR passed test systemlog
      Starting test: VerifyReferences
         ......................... EDU-SVR passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : netlanpc
      Starting test: CrossRefValidation
         ......................... netlanpc passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... netlanpc passed test CheckSDRefDom

   Running enterprise tests on : netlanpc.local
      Starting test: Intersite
         ......................... netlanpc.local passed test Intersite
      Starting test: FsmoCheck
         ......................... netlanpc.local passed test FsmoCheck

C:\Documents and Settings\Administrator>

All this seems fine right?

 

by: ms-proPosted on 2009-11-07 at 08:50:26ID: 25767000

Yes, look very fine.

  1. did you check the netlogon service?  
  2. Ensure that the NTDS service is running on the global catalog server> 

from command run (sc query ntds )

 

by: jeamrotaePosted on 2009-11-07 at 09:52:44ID: 25767246

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>sc query ntds
[SC] EnumQueryServicesStatus:OpenService FAILED 1060:

The specified service does not exist as an installed service.


C:\Documents and Settings\Administrator>


I got this error above

 

by: ms-proPosted on 2009-11-07 at 10:02:29ID: 25767293

are you runninh the commnd from your dc?

did you check the netlogon service status?!

 

by: jeamrotaePosted on 2009-11-07 at 10:03:43ID: 25767297

yes I am running from my dc.

how do i check the netlogon service status...is that in services?

 

by: jeamrotaePosted on 2009-11-07 at 10:08:45ID: 25767318

if netlogon is in services you are referring to ...it is set to automatic and started

 

by: ms-proPosted on 2009-11-07 at 10:15:15ID: 25767346

restart it then verify

after you restart the service start a command and type the following

nltest /dsgetdc:domainName /gc, and then press ENTER

If the domain controller is able to contact the global catalog, the command output indicates the name of a domain controller that is configured as the global catalog server.

then the problem is fixed!

 

by: jeamrotaePosted on 2009-11-07 at 10:18:11ID: 25767359

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>nltest /dsgetdc:netlanpc.local /gc
           DC: \\edu-svr.netlanpc.local
      Address: \\192.168.1.2
     Dom Guid: 0554d1eb-60ed-4a8c-810c-af5057cc30b0
     Dom Name: netlanpc.local
  Forest Name: netlanpc.local
 Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
        Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN
DNS_FOREST CLOSE_SITE
The command completed successfully

C:\Documents and Settings\Administrator>

Look good right?

 

by: ms-proPosted on 2009-11-07 at 10:22:22ID: 25767380

i think you are the only one that can confirm :D

ok if you dc ip is 192.168.1.2
and the name is edu-svr.netlanpc.local and the domain name is netlanpc.local then no need to worry every think is fine.

 

by: jeamrotaePosted on 2009-11-07 at 10:52:38ID: 25767536

Last someone suggested to telnet to 3268. I could not telnet localhost 3268.


Attachments are publicly viewable
Please note that all attachments can be viewed by the public and you should refrain from uploading any attachments with private information. Do not show this message again. CLOSE  
   
File | Code | Image
Only one code snippet can be attached.
   


  ATTACHCLEAR
 [x]
Allowed Extensions  
 Experts Exchange accepts the following types of files:

bmp
csv
doc
docx
flv
gif
jpeg
jpg
log
mdb
pdf
png
txt
xls
xlsx
zip
 
   
 

ADD IMAGEAdd from URL:  
 [x]
Allowed Extensions  
 Experts Exchange accepts the following types of files:

bmp
csv
doc
docx
flv
gif
jpeg
jpg
log
mdb
pdf
png
txt
xls
xlsx
zip
 
   
 


   

   


Attached Files

   
 
 Submit

   


   

 [x]
Add New Email  
 To make changes to your list of email addresses and groups, go to your Notification Preferences. You will then be asked to verify any new email addresses before Experts Exchange will allow you to associate them with a question.  
   
20081217-EE-VQP-LI-5 / EE_QW_3_20080625
Help| About Us| Contact Us| Member Agreement| Internet Rank| Privacy Policy| Site Map © Copyright Experts Exchange LLC 1996 - 2009. All rights reserved.his:

  • gc.bmp
    • 960 KB

    gc in dns manager shows port 3268

    gc in dns manager shows port 3268
 

by: ms-proPosted on 2009-11-07 at 11:16:22ID: 25767641

type

telnet edu-svr.netlanpc.local 3268


 

by: jeamrotaePosted on 2009-11-08 at 02:35:35ID: 25770060

telnet edu-svr.netlanpc.local 3268 failed to telnet..

 

by: ms-proPosted on 2009-11-08 at 03:16:11ID: 25770131

i dont know what are you expecting to see?

 

by: ms-proPosted on 2009-11-08 at 03:17:06ID: 25770134

evrey thing seems to work fine. check your event log if there is any error?

 

by: henjoh09Posted on 2009-11-08 at 07:19:23ID: 25770706

Check DNS settings with ipconfig/all. If there's any other DNS servers in list than the DC, remove them from the TCP/IP properties, so only using DNS servers that can resolve the DNS namespace for the AD domain.

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...