dougp23
Lots of Event 1053 Errors
My event log, under application, is filling up with event id 1053, with this text:
Windows cannot determine the user or computer name. (There are no more endpoints available from the endpoint mapper. ). Group Policy processing aborted.
About every 5 minutes another one is added.
ASKER
dcdiag: command not found
netdiag: command not found
Looks like I don't have these installed. How do I get them installed? Win2K3 SP2
ASKER
OK, installed both of them.
DcDiag ran pretty cleanly.
NetDiag provided this little pearl:
DNS test . . . . . . . . . . . . . : Failed
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '192.168.10.1'. Please wait for 30 minutes for DNS server replication.
[FATAL] No DNS servers have the DNS records for this DC registered.
Now, THIS server IS 192.168.10.1....so how do I tell the server that to get to himself, he should ask...himself??
ASKER
Also, under DNS, my server is showing 2 forward lookup zones.
TOWN
TOWN.COM
I would imagine I only need TOWN.COM? Is the fact that TOWN is in there confusing things?
Under Town.com I have an A record that says
Accounting.Town.com 192.168.10.1
So it seems like this DNS *should* know how to resolve itself....
Hope this helps!
most likely you will need to keep town.com
run a netdiag /fix then a netdiag again and see what comes back.
Also in tcp ip properties for the lan connection you have the first DNS server set to itself (internal IP address) and the second to another internal DNS machine.
There should NOT be an ISP server in there
ASKER
TCP/IP Properties (2 NIC Cards)
192.168.10.1 has preferred DNS of 192.168.10.1 and no secondary DNS.
The 2nd NIC is capturing VOIP traffic to record calls that we need recorded, so it has a 10.0.55.1 IP with a 10.0.55.1 DNS. Note that we run NO 10.x IPs, so I would imagine this interface cannot communicate out at all.
Ran netdiag /fix, then netdiag again.
The interesting (I think) parts:
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
No remote names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '192.168.10.1' and other DCs also have some of the names registered.
I will clear out the EL, and see if they keep happening.
Are you running Symantec Endpoint Protection?
ASKER
no, no endpoint security. OK, I followed some MS Technet docs, and I had no "endpoints" available, so did what they said. They then said to do a portqry and see if certain ports were being blocked. So, I did this, from the Town server:
portqry -n servername.police.org -o 1094,1025,1029,6004
Name resolved to 192.168.11.10
TCP port 1094 (unknown service): NOT LISTENING
TCP port 1025 (unknown service): NOT LISTENING
TCP port 1029 (unknown service): NOT LISTENING
TCP port 6004 (unknown service): NOT LISTENING
Any ideas? Again, both buildings connect via fiber, so I don't think my firewall for the network is blocking this stuff. Both servers have their network cards' firewalls shut off.
So after a /fix the errors are still occurring?
ASKER
Well, they've changed. Event ID 4521 with information 9002. Which I think is due to that police server not listening on those ports. Perhaps I should close this question and open a new one, since I am no longer getting 1053 errors. Or I'll bump the points up.
I am going to review what we have for info. I'll admit these endpoint mappers and certs for the RPC service over VPN are not one of my strong points. If you don't mind, will you leave this open.
In the meantime, I was on another post where the TechNet article didn't help, but this MS article provided the right key to the solution.
http://support.microsoft.com/kb/839880
The ports on your portqry that are "not listening" are not key to 2003 server services:
TCP port 1094 (unknown service): NOT LISTENING
TCP port 1025 (unknown service): NOT LISTENING
TCP port 1029 (unknown service): NOT LISTENING
TCP port 6004 (unknown service): NOT LISTENING
http://www.microsoft.com/smallbusiness/support/articles/ref_net_ports_ms_prod.mspx
So, what is perplexing to me is why isn't it working?
OK: The article that I provided says:
From the output, you know the DC is using port 1094 for FRS and 1025, 1029, and 6004 for Active Directory replication.
Antivirus software may be blocking ports above 1024.
Please see step 4 of the article above. It describes your problem to a T.
ASKER
I had found KB839880 already, and yes I agree step 4 is a real wakeup. But what they don't tell you is how to fix it. I am against turning off the firewall on the server, but OK, I turned it off. Now, I should turn off my antivirus too?? Only MS would offer this up as a solution!!
My antivirus has no built-in firewall, so I am just totally stumped, and ready to say "forget it, people will have to keep track of 2 logins". Not my favored solution, but where else do I go from here?
If this helps, the portqry from Town reported back properly on Police, but a portqry on Police says it can't resolve the name accounting.town.com. Is that a prob? Remember, the folder I want to share is on Town, but the users are on Police. Not sure if this matters.
I would turn it all off to test and see what happens.
Excellent!! I am glad to see this worked for you. Thanks.
http://support.microsoft.com/kb/883271
http://kbalertz.com/937535/Event-logged-restart-Windows-Server-domain-controller.aspx
Also run a dcdiag and a netdiag and post any errors.