• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 228
  • Last Modified:

Event ID 1030 Logged On XP Machiens

I have several XP Machines in my 2003 domain that have multiple event ID: 1030 entries in their application logs.   On the same machines I'm also getting Information events in the app. log that say "Security policy in the Group policy objects has been applied successfully."   My logon scripts are still running, and it appears that my other GPO setting (password protect screensaver) works as well.     I was also able to create a test GPO, run gpupdate on my xp machine, and have the changes to into effect immediately.   I can't figure out why I'm still receiving the 1030 entries.

I think it may have something to do with DNS.   When I ping "domainname.com" I receive a different IP then my domain controllers.   When I look at my dns entries there are several A records that are named (same as parent folder).   Two of these records are my domain controllers which is ok, but I have no idea where the otehr IP's came from, and they aren't pingable either.   Did someone add those manually, or was it done dynamically somehow?  Is it safe to just remove them, or should I investigate into this first?   Would this also explain why some users are experiencing netbios related issues, like not being able to connect to network shares even though name resolution is working fine.

Any help is greatly appreciated.   Thanks.
0
cogentsystems
Asked:
cogentsystems
  • 4
  • 3
1 Solution
 
masterbakerCommented:
I'm guessing those extra DNS entries are causing your problems.  It sounds like that's what you're thinking too.  I imagine those entries were from previous domain controllers that have been decommissioned improperly.  They could also have been created manually by someone.  In any case, I think you can safely remove them.  If they aren't even pingable, there's no reason they need to resolve to anything.

So remove them and see if things get better over the next day or however long your clients are allowed to cache these entries (I doubt any more than 2 days).

Jeff
0
 
cogentsystemsAuthor Commented:
I've removed these stale IP's and ran an ipconfig /flushdns.   I'm now able to ping "domainname.com", but I'm getting responses from my DC in a different site then I'm in.   Will this cause some latency issues with any other windows services?   How can I make it so my local DC's respond to this type of request?   Thanks for your help.
0
 
masterbakerCommented:
If you have an AD domain that has multiple sites then you may need to look into splitting up your domain.  What I mean is, you may want to create an OU for each site and then place the users, computers, and local DCs in it.  This should keep the traffic locally.  If you just one, wide-open domain with multiple sites in it without breaking it up, you could very well end up with computers talking to DCs over WAN links.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
cogentsystemsAuthor Commented:
I have multiple VLAN's setup and assigned to specific sites.   If my VLAN here at my corporate office is only tied to my local site, then I shouldn't be sending any traffic to any other site right.    Is there a way to place an OU in a specific site?   Thanks.
0
 
masterbakerCommented:
Well Active Directory is separate from VLANs.  AD has its own heirarchial structure that controls how communication occurs.  So you'd need to determine which computers are on which VLANs and then create OUs in AD for those sites or VLANs and place the appropriate objects in them.  This isn't something you want to jump into too quickly.  You should definitely spend some time planning this out and making sure that the changes are beneficial.  For example, if you have three VLANs at one site, you may just want to create one OU for the entire site instead of one for each VLAN, assuming the inter-VLAN traffic is all carried on a fast backbone connection.

Creating the perfect AD structure really requires a good understanding of your own environment as well as a good understanding of how AD works.  You might want to grab a book on AD design and see if you can pick up any good ideas there.  It sounds like you have a good sized group and it could require a lot of planning.

Jeff
0
 
cogentsystemsAuthor Commented:
Ok.  Thanks for everything Jeff.  It looks like removing those stale entries fixed the problem.  I haven't anymore events occur in the app. log.  
0
 
masterbakerCommented:
Good deal.  I'm glad I could help out.

Jeff
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now