Cannot add computer to Windows 2000 domain - IpSec and NetLogon services do not start

Posted on 2004-09-09
Last Modified: 2008-01-09
I have a Windows XP Pro computer that was on a Windows 2000 domain yesterday (one of about 50 in my domain) that refuses to access the internet or the domain. Trying to troubleshoot, I've managed to drop it from the domain down to a local workgroup and sever any ties at all to the network. The IpSec and NetLogon services refuse to start with event log errors like this:

Event Source:      Service Control Manager
Event Category:      None
Event ID:      7023
User:            N/A
The IPSEC Services service terminated with the following error:
The requested service provider could not be loaded or initialized.

Event Source:      NETLOGON
Event Category:      None
Event ID:      5737
User:            N/A
The system returned the following unexpected error code:
The requested service provider could not be loaded or initialized.

Before I stupidly dropped it off the domain, I could still access network files if I provided a logon and password. Now when I try to add it back to the domain, I get messages that the machine cannot connect to a dc, and that tcp/ip is not installed. I figure that is due to the services not running, but here is the error message if you want it:

An error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain <DOMAIN>.

The error was: "TCP/IP network protocol not installed."
(error code 0x0000267B DNS_ERROR_NO_TCPIP)

The query was for the SRV record for _ldap._tcp.dc._msdcs.<DOMAIN>

I get error code 10106 when I try to manually start the either service. I'm at a loss. I'm tired, I have 50 other machines that do just fine on this network, and I would just chuck it all and wipe the machine, but it's the only box in my domain that has certain software on it, and I'd like to save it if I can. Sorry about the length, but I'm a too much information rather than too little kind of guy.
Question by:timbercoyote
LVL 83

Expert Comment

ID: 12024423
Seems like your TCP/IP stack has gone overboard, and without that, you obviously can't start any service that relies on it.
How to remove and reinstall TCP/IP for Windows 2000

Author Comment

ID: 12028740
Thanks oBdA, I had wanted to try to re-install TCP/IP, but apparently you can't do that in Windows XP. I did find the Microsoft article on resetting TCP/IP for Windows XP, but no solution there. I have run standard diagnostics and everything checks out, other than the services failing to start... including pinging the gateway, dns, a different workstation on the domain, the computer names for all of the above, and even pinging from the network to the affected workstation works fine. I tried DHCP, static addressing (default), a new static address, deleting and readding the computer from Active Directory, verifying and changing the dns pointers on the server, and asking it to please just be nice to me. Nothing. I'm working through troubleshooting trying to find anything else wrong, but nothing yet. Again, I can't wipe the box unless I want a serious hassle re-installing software I'm not even sure I know where the discs are. Thanks for any and all help.

Expert Comment

ID: 12229695
Having the same problem.  Mine occurred after SP2.  I know I know, learn from your mistakes right?  Anyway.....
oBdA was right.  But remove and reinstall did noting for me plus anyway you can't uninstall TCP for XP you can only "reset" it.  Still doesn't fix it.  He led me in the right direction by making me check my TCP stack to see if anything was out of the ordinary.  Load up your msinfo32 console and check your stack.  Components...Network... Protocol.  Check first the name.  Should say MSAFD Tcpip [TCP/IP].  Mine in fact did not say this.  I "HAD" Panda Antivirus 2004 installed (others may cause problems too) and my TCP stack started with "PAV over MSAFD"  AHA!!  uninstalled Panda and back on the domain now.  I will try and reinstall Panda 2004 and hopefully it won't screw it up again.  Don't feel bad Timbercoyote, this was my personal computer at work and this beat me up for 2 days too.  Going WAY too technical and getting lost.  Don't ever forget, someone, somewhere has had your problem.  Keep checking the forums.  :-)
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.


Expert Comment

ID: 12436677
I'm having this same problem. I can't get a IP address on the network and I noticed that IPSEC wasn't started. When I try to start it I get
"Could not start the IPSEC Services service on Local Computer.
Error 10106: The requested service provider could not be loaded or initialized."

I wish I could reinstall TCP/IP or something.

Expert Comment

ID: 12756699
how do i check my tcp stack? please help! i am having the same problem

Expert Comment

ID: 12758318
Load up your msinfo32 console and check your stack.  Components...Network... Protocol.  Check first the name.  Should say MSAFD Tcpip [TCP/IP].  (This was from my previous post)

Accepted Solution

modulo earned 0 total points
ID: 13380197
PAQed with no points refunded (of 500)

Community Support Moderator

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
This article is in response to a question ( here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question