Solved

(W2000 Server) Workstation service does not start

Posted on 2003-10-21
31
4,930 Views
Last Modified: 2012-05-04
Hi people,

I've got this nasty little problem everytime I reboot our brand new Windows2000 server: nobody can access the domain anymore :) After the first heart attack, I started looking into what might cause the problem, and it was the Netlogon service which failed to start due to the fact that the workstation service didn't either.

What makes my problem even worse is that I can't find any clues on what might cause it.

the errors in the system log (sorry, I have a dutch workstation version, but i presume you can find your way in the layout)

Type gebeurtenis:      Fout
Bron van gebeurtenis:      NETLOGON
Categorie van gebeurtenis:      Geen
Gebeurtenis-ID:      2138
Datum:            21/10/2003
Tijd:            12:55:52
Gebruiker:            n.v.t.
Computer:      DWGE1
Beschrijving:
The Workstation service has not been started.

Type gebeurtenis:      Fout
Bron van gebeurtenis:      Service Control Manager
Categorie van gebeurtenis:      Geen
Gebeurtenis-ID:      7024
Datum:            21/10/2003
Tijd:            12:55:52
Gebruiker:            n.v.t.
Computer:      DWGE1
Beschrijving:
The Net Logon service terminated with service-specific error 2138.

and a whole bunch of errors of other services which don't start.


I have no clue at all of what might cause this problem.... I did find one thread of a person with a similar problem on this site, but it was unfortunately deleted.

The only other event log entries I find which might have something to do with it are in the DNS log:


Type gebeurtenis:      Fout
Bron van gebeurtenis:      DNS
Categorie van gebeurtenis:      Geen
Gebeurtenis-ID:      4004
Datum:            21/10/2003
Tijd:            12:42:40
Gebruiker:            n.v.t.
Computer:      DWGE1
Beschrijving:
The DNS server was unable to complete directory service enumeration of zone dwge.gerechtsdeurwaarders.be.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The event data contains the error.

Zie Help en ondersteuning op http://go.microsoft.com/fwlink/events.asp voor meer informatie.
Gegevens:
0000: 2a 23 00 00               *#..    

(please note that dwge.gerechtsdeurwaarders.be is not publicly accessible)


Type gebeurtenis:      Fout
Bron van gebeurtenis:      DNS
Categorie van gebeurtenis:      Geen
Gebeurtenis-ID:      4004
Datum:            21/10/2003
Tijd:            12:42:40
Gebruiker:            n.v.t.
Computer:      DWGE1
Beschrijving:
The DNS server was unable to complete directory service enumeration of zone 94.136.10.in-addr.arpa.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The event data contains the error.

Zie Help en ondersteuning op http://go.microsoft.com/fwlink/events.asp voor meer informatie.
Gegevens:
0000: 2a 23 00 00               *#..    


Type gebeurtenis:      Fout
Bron van gebeurtenis:      DNS
Categorie van gebeurtenis:      Geen
Gebeurtenis-ID:      4004
Datum:            21/10/2003
Tijd:            12:42:40
Gebruiker:            n.v.t.
Computer:      DWGE1
Beschrijving:
The DNS server was unable to complete directory service enumeration of zone ..  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The event data contains the error.

Zie Help en ondersteuning op http://go.microsoft.com/fwlink/events.asp voor meer informatie.
Gegevens:
0000: 2a 23 00 00               *#..    



PLEASE HELP! I'm desperate. I thought that installing SP4 might solve the issue (maybe a file was corrupt or something like that), but it didn't... The whole system is up to date now.

thanks in advance for your help!
0
Comment
Question by:nd2u
  • 15
  • 12
  • 2
  • +1
31 Comments
 
LVL 2

Expert Comment

by:tbird008
ID: 9593360
Dear nd2u,

Did you accidentally Remove the Client for Microsoft on your server?  This might cause you AD to detach from the network and DNS fail and Netlogon, RPC and may services fail to start.

Tbird008
0
 

Author Comment

by:nd2u
ID: 9593384
you mean if I removed "client for microsoft networks" from the properties of the LAN connection?

nope, not quite

oh, one additional and important thing: once the server is up and I'm logged in, I can very easily start the netlogon and all other services....
0
 
LVL 2

Expert Comment

by:tbird008
ID: 9593416
I meant Client For Microsot Network in the Network Card configuration.  Most people use 2 netcard on server to bring in broadband connection and figure Client for Microsoft Network should not appear on the Wan connection which is correct, and remove this item from the wan connection card but they accidentally remove the one on the Lan connection.  This will cause the about protocal and services to fail at same time.

I am looking for the document about this and will post it if this is your case!!

Tbird008
0
 
LVL 2

Expert Comment

by:tbird008
ID: 9593434
Can you list the service that is down?  Try to look into dependency list and find out if the services required are running!

Tbird008
0
 
LVL 2

Expert Comment

by:tbird008
ID: 9593487
I think you might need to edit registry for your RPCLocator and DependOnService and make sure LanmanWorkstation is there.  I'll try to find the official Document about this.

Tbird008
0
 
LVL 2

Expert Comment

by:tbird008
ID: 9593519
Try to make sure these two lines are on your server's Services/Netlogon list!!

Start Registry Editor (Regedt32.exe).
Select the DependOnService value under the following key in the registry:
HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/Netlogon/

On the Edit menu, click Multi String, and type the following on separate lines in the Multi-String Editor that appears:

LanmanServer
LanmanWorkstation

and then click OK.
Quit Registry Editor.

Tbird008
0
 

Author Comment

by:nd2u
ID: 9593544
the server has only 1 NIC as it is behind a firewall anyway, so it's not used to share an internet connection. The properties for this connection do list the "client for microsoft networks" service.

The services which don't start automatically are basically all services which depend on the Workstation service. That service itself is not dependent on any others, is it?

I don't understand your last comment regarding the RPCLocator and DependOnService stuff? The complete documentation could be very useful!

0
 
LVL 2

Expert Comment

by:tbird008
ID: 9593557
Ignor the RPClocator one try the message above first!

Tbird008
0
 

Author Comment

by:nd2u
ID: 9593583
okay, both lanmanserver and lanmanworkstation are present there (workstation is on the first line)...

but they're followed by an empty line and a line with just " | " in it (without the brackets)
0
 
LVL 2

Expert Comment

by:tbird008
ID: 9593638
| is that your cursor?  If not it should not be there.  Forgot to tell you make sure you backup registery first before making changes

What was the event again?
7024, 2138, 4004 and more?

Tbird008
0
 

Author Comment

by:nd2u
ID: 9593675
euhm, no it's not my cursor :D

I don't get any other relevant errors in my event logs... except for a quite huge amount of perflib errors, but I presume those are caused by HP stuff which monitors my server (HP Proliant ML 350 G3)
0
 

Author Comment

by:nd2u
ID: 9594143
Well, I did two things:

1° I deleted the extra line and the | from the entries in the registry under the mentioned key
2° I configured the service to try to start again after two minutes if something went wrong

The netlogon was started when I just rebooted... although I still received the message that some services didn't start up correctly ?!?

+ some other error showed up in the system event log:

Type gebeurtenis:      Waarschuwing
Bron van gebeurtenis:      NETLOGON
Categorie van gebeurtenis:      Geen
Gebeurtenis-ID:      5773
Datum:            21/10/2003
Tijd:            23:13:21
Gebruiker:            n.v.t.
Computer:      DWGE1
Beschrijving:
The DNS server for this DC does not support dynamic DNS. Add the DNS records from the file '%SystemRoot%\System32\Config\netlogon.dns' to the DNS server serving the domain referenced in that file.

Zie Help en ondersteuning op http://go.microsoft.com/fwlink/events.asp voor meer informatie.
Gegevens:
0000: 2c 23 00 00               ,#..    


There is indeed such a file on my harddisk and it contains a lot of entries. How do I put them in my DNS ? (no experience with that!)
0
 
LVL 2

Expert Comment

by:tbird008
ID: 9594195
5773 is an old DNS error that was fixed with service pack 2 or higher.  One silly question did you uncheck the file and print sharing on the Netcard Opition?  If you did try to restore the reistery and check that opition.

Tbird008
0
 

Author Comment

by:nd2u
ID: 9594226
euhm, no I didn't! The W2K CD the server was installed from (by our software company) had SP3 and I upgraded it to SP4.

Might I have accidentily erased some entries from the DNS?
0
 
LVL 2

Expert Comment

by:tbird008
ID: 9594255
Possible, check which entry that it was looking for and try to add it into your DNS foward and reverse lookup.

Tbird008
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 2

Expert Comment

by:tbird008
ID: 9594299
Go to you DNS MMC and right click on your domain in the foward lookup and see if the dynamic update is "yes"

Tbird008
0
 

Author Comment

by:nd2u
ID: 9594314
well, the file contains quite a big list:

dwge.gerechtsdeurwaarders.be. 600 IN A 10.136.94.2
_ldap._tcp.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 389 dwge1.dwge.gerechtsdeurwaarders.be.
_ldap._tcp.Default-First-Site-Name._sites.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 389 dwge1.dwge.gerechtsdeurwaarders.be.
_ldap._tcp.3d35ee8d-fb36-486c-9ceb-4140e289dc4c.domains._msdcs.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 389 dwge1.dwge.gerechtsdeurwaarders.be.
eb770e7a-abba-41de-9bbb-a3e855f0683c._msdcs.dwge.gerechtsdeurwaarders.be. 600 IN CNAME dwge1.dwge.gerechtsdeurwaarders.be.
_kerberos._tcp.dc._msdcs.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 88 dwge1.dwge.gerechtsdeurwaarders.be.
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 88 dwge1.dwge.gerechtsdeurwaarders.be.
_ldap._tcp.dc._msdcs.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 389 dwge1.dwge.gerechtsdeurwaarders.be.
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 389 dwge1.dwge.gerechtsdeurwaarders.be.
_kerberos._tcp.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 88 dwge1.dwge.gerechtsdeurwaarders.be.
_kerberos._tcp.Default-First-Site-Name._sites.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 88 dwge1.dwge.gerechtsdeurwaarders.be.
_kerberos._udp.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 88 dwge1.dwge.gerechtsdeurwaarders.be.
_kpasswd._tcp.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 464 dwge1.dwge.gerechtsdeurwaarders.be.
_kpasswd._udp.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 464 dwge1.dwge.gerechtsdeurwaarders.be.
_ldap._tcp.gc._msdcs.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 3268 dwge1.dwge.gerechtsdeurwaarders.be.
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 3268 dwge1.dwge.gerechtsdeurwaarders.be.
gc._msdcs.dwge.gerechtsdeurwaarders.be. 600 IN A 10.136.94.2
_gc._tcp.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 3268 dwge1.dwge.gerechtsdeurwaarders.be.
_gc._tcp.Default-First-Site-Name._sites.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 3268 dwge1.dwge.gerechtsdeurwaarders.be.
_ldap._tcp.pdc._msdcs.dwge.gerechtsdeurwaarders.be. 600 IN SRV 0 100 389 dwge1.dwge.gerechtsdeurwaarders.be.


and the DNS service contains a lot of subdivisions both in forward and reverse lookup... Do I, and if yes, how and where do I enter this stuff?
0
 

Author Comment

by:nd2u
ID: 9594325
it didn't say YES, it said "only secured updates"!

should I place it back to that after a reboot if I see new entries?
0
 
LVL 2

Expert Comment

by:tbird008
ID: 9594345
Yes you should select "yes" and restart DNS.

Tbird008
0
 
LVL 2

Expert Comment

by:tbird008
ID: 9594474
your Netlogon.dns looks Normal
0
 

Author Comment

by:nd2u
ID: 9594545
well, I still get the message that "at least one service failed to start up (blablabla)"

and I also still get the same Netlogon 5773 error in my system event log... there aren't any new entries in my DNS either...

anyway, I have to stop working now as my backup just started (it's midnight here!)

cu tomorrow!
0
 
LVL 2

Expert Comment

by:tbird008
ID: 9594566
See u!!
0
 

Author Comment

by:nd2u
ID: 9612772
okay, rebooting seems to work fine (I even removed the setting in the "services" console to try to restart the server 2 minutes after the failure).

However, I'm still stuck with the Netlogon 5773 error (which is new since the modifications in the DNS server) ...


(+ is it normal that I have to wait for 10 minutes until my server shuts down?? (it's working as a file server + SQL + Exchange for about 10 users and it's a Xeon 2,8Ghz with 1Gb Ram))
0
 
LVL 2

Expert Comment

by:tbird008
ID: 9614747
Hi Nd2u,

Good to heard from you again!  It is quite normal that it take longer for Server with SQL + Exchange to shutdown.  Database needs to dismount itself and make sure no queues left to process.  I'll double check on it, also the 5773 error.

Tbird008
0
 
LVL 2

Expert Comment

by:tbird008
ID: 9615324
Hi Ncl2u,

I think the info below might solve your prolbem:

Description The DNS server for this DC does not support dynamic DNS. Add the DNS records from the file '%SystemRoot%\System32\Config\netlogon.dns' to the DNS server serving the domain referenced in that file.  
Comments Adrian Florin Moisei (Last update 5/15/2003):
This problem was first corrected in Windows 2000 Service Pack 2.
Solution
I received this error on Windows 2000 DC when trying to integrate Windows 2000 DNS into an existing namespace based on non-dynamic DNS servers. DNS server is a Windows NT 4. To solve it add: DWORD UseDynamicDns=0 in key: HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters and follow the instructions in the link below.  

Link below has more detial
http://www.kingcomputer.com.au/Support/Microsoft/Windows2000/fix-DNSerror5773.htm

Tbird008


0
 

Author Comment

by:nd2u
ID: 9626484
hmm...

my DNS server is the windows 2000 DC ... So it should support dynamic DNS, not?

and the "IN A" entries are already included in my zonefile...

should I really do what the link suggests??
0
 
LVL 14

Expert Comment

by:huji
ID: 11891893
Hi there
I have faced the same problem, was there a solution found at last?
Huji
0
 

Author Comment

by:nd2u
ID: 11896099
hi huji,


I couldn't really resolve the problem, but I worked around it, by specifying in the configuration of the services that fail to start up, that more than just one attempt should be made to start the service up.

that seems to allow my server to boot... although I'm not too happy with the situation....


good luck!

0
 
LVL 14

Expert Comment

by:huji
ID: 11896401
Thanks nd2u.. I am asking for help here: http:Q_21107102.html
Follow this if you are still interested in the subject..
Huji
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 12386073
PAQed, with points refunded (500)

CetusMOD
Community Support Moderator
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Just about everyone has an old PC laying around.  Ask anyone in the IT industry, whether they are a professional or play in it as a hobby.  From outdated Desktops to cheap "throwaway" laptops, they are all around and not as hard to "fix up" as you m…
#Citrix #POC #XenDesktop #vCenter #VMware #ESX
This video discusses moving either the default database or any database to a new volume.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now