Windows XP SP2 - Event IDs 1054 and 5719 - No GP applied

Not alot of help out there on this one.

I have a machine that was recently imaged that now gets these events in the log...

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1054
Date:            4/18/2006
Time:            2:26:48 PM
User:            NT AUTHORITY\SYSTEM
Computer:      GB3R24S91
Description:
Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

****

Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5719
Date:            4/18/2006
Time:            2:26:37 PM
User:            N/A
Computer:      GB3R24S91
Description:
No Domain Controller is available for domain GBLAW due to the following:
There are currently no logon servers available to service the logon request. .
Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

As you might guess, Group Policy does not apply to the machine.  

I've tried these articles with no success...

http://www.eventid.net/display.asp?eventid=1054&eventno=1393&source=Userenv&phase=1
http://www.eventid.net/display.asp?eventid=5719&eventno=104&source=NETLOGON&phase=1
http://support.microsoft.com/?kbid=326152
http://support.microsoft.com/?kbid=193888
http://support.microsoft.com/?kbid=305293
http://support.microsoft.com/?kbid=299357

...as well as numerous Google and EE posts.

I have an integrated Gigabit ethernet card, but I have also tried other non-Gigabit adapters with no resolution.  I have disabled the integrated adapter in the BIOS when attempting a non-Gigabit adapter.  Still no resolution.

I am aware that this is a DNS problem.  I know this because when I manually assign an IP address and gateway/DNS addresses, the problem disappears.  Additionally, with manual IP assignments the computer pauses for a moment on "Preparing network connections" when booting.  With DHCP enabled, it just flashes past that.  This tells me that the adapter isn't getting an address and/or the OS thinks it's not active.

Finally, when the computer is fully booted and logged in, there is network access just as one would expect.  Just no GP applied.

Any help would be appreiciated.



LVL 6
thernlundAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Craig_200XCommented:
you did try this :

"netsh int ip reset c:\tcp.log"

right?

Have you tried rejoining to the domain?

0
thernlundAuthor Commented:
Thanks for the response.

Yes.  That command resets the stack (article 299357 as posted above).  No luck.

As well, I have removed the computer from the domain and rejoined with no luck.


-T.
0
masterbakerCommented:
You might need to set the group policy setting to wait for the network to start before allowing a log in.  See this article for info on this (and other troubleshooting steps).  This basically prevents users from logging in with cached credentials before the network has had time to start up.  

"http://technet2.microsoft.com/WindowsServer/en/Library/dfe7b84d-8727-4561-9767-ccb47a5bf9ba1033.mspx

So make this change and then reboot this problematic PC.  When it gets to the login prompt, give it a minute or two before logging in (to allow the network to properly start).  Then log in and run this command "gpupdate" from a command prompt window.

You might also want to change the group policy setting to prevent the detection of slow network links.  Sometimes Windows thinks it is on a slow network connection, so it will not try to connect to a DC.

Now reboot the PC and see if that takes care of it.

Please post back with the results.

Jeff
0
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

AntunbCommented:
When you removed the computer from the domain did you make sure the computer account is gone in AD

remove it from the domain, look in AD users and computers, if its there delete it
then add it again to the domain and see

also look at this
http://support.microsoft.com/default.aspx?scid=kb;en-us;840669#E6ADAAA




The problem could be a number of things, the link above is a workaround NOT a fix,

could be network card? try and replace it
could be cableing?
0
thernlundAuthor Commented:
Jeff,

Tried the first thing as per my first post; article number 305293.  I'll look at the slow link detection.


Antunb,

I did make sure the account was deleted from AD.  There was at least a 5 hours period between removing and readding (I got side-tracked).  

I also tried the fix in the article you mention.  It does remedy the 1054 problem, but not the 5719 problem.  

As per my original post, I have used other network adapters.  I didn't mention, but I have also used other network jacks and cables.  As well, I have used other computers on this jack and cable without issue.


-T.
0
AntunbCommented:
hmm this is an odd one,

did you check the IP configuration?

prevent cached logon credentials on that workstation
http://www.setup32.com/tech-tips/windows-nt/security/cached-credentials-security.php


Then try and log in and see if you can do it
0
thernlundAuthor Commented:
Jeff,

No go on the slow link detection.  Disabling it has no effect on the issue.


Antunb,

I have checked the IP configuration serveral time.  Nothing looks to be out of place.  The machine gets an IP address just fine.  It just doesn't seem to be getting it fast enoguh to satisfy Windows.

I disabled cached logons and rebooted twice.  Interesting to note the when the Ctrl-Alt-Del box displayed, I couldn't log on for about another 15 to 20 seconds.  The warning dispayed was that no domain controllers were available to authenticate me (not a quote).  After a short time and a fourth try, I was able to log on.


-T.

0
AntunbCommented:
hmm this is an odd one.

Ok can you go to tcp-ip properties, configure network adapter
advanced tab

where it is speed and duplex set it to what the switch is running,
ie. 100 full duplex


im nit sure where else we can check for windows to wait for drivres 2 load,

,aybe a new driver?
0
Dark_KingCommented:
I’m not shore this helps you but I have problem with 20 new computers
not worked ok with DHCP enabled, After local login it take 1min before network working.
With manually assign an IP I cold login to network and when login local network
was running instants.

In my case it was the “IrpStackSize” that’s was to small and some service cold not start.
In XP this should automatic resize this value but I cold not find a way to read
What it was.  

I add IrpStackSize and set it to 15 and it work now.

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters

1. Look for the IRPStackSize value. If the value does not exist, you must create it:
 a. Right-click in the right pane, point to New, and then click DWORD Value.
 b. Type IRPStackSize and then press Enter. Type the value exactly as shown; it is case-sensitive.
2. In the right pane, double-click the IRPStackSize value to enter edit mode.
3. Change the Base to decimal.
4. In the Value Data box, type 15
5. Close the Registry Editor.
6. Restart the computer.


GP applied
gpresult /V >> c:\polinfo.txt

And you can use rsop.msc to start Gpedit and shown only activated/deactivated settings.
0
oBdACommented:
If this machine is connected to a manageable switch, make sure you enable the portfast feature; a modern XP machine boots fast enough that the spanning tree protocol on the switch isn't finished until the client requests an IP address, and so the port isn't open yet.
0
thernlundAuthor Commented:
Antunb,

Setting the link speed manually had no effect.


Dark King,

Setting the IRPStackSize had no effect.


oBdA,

Spanning Tree isn't enabled on the switch.


I plan to bring another machine of identical hardware online with a fresh image and see what happens.


-T.
0
thernlundAuthor Commented:
So I just brought up a new machine with the factory installed OS, added it to the domain, move the account to the proper OU, and everythng works just fine.  No event log errors.  No failed GP.  Ugh.

I check the drivers and both are identical verisions.


-T.
0
masterbakerCommented:
You mentioned at the very beginning that this machine was recently imaged.  What is the imaging process you use?  Are you sure it was followed properly?  An improperly imaged PC (improper meaning it doesn't have a unique SID for one of many reasons) could cause it to never add properly to the domain.

Is it possible for you to re-image this PC and try to add it again?

Jeff
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
thernlundAuthor Commented:
That is a possible explanation.  However I find myself in a position where I cannot simply reimage this PC as it has a certain amount of "proprietary and unmovable" data on it.

I'm going to try this...

1.  Remove the computer from the domain, change the name, readd to the domain.  I recognize that changing the name while still in the domain will not work, hence my first removing it from the domain.

2.  Failing that, I will sysprep it and readd it under a new name.


-T.
0
thernlundAuthor Commented:
Amazing.  Problem solved.  I skipped my own point 1 above and just did point 2.   Here's what I did...

1.  Downloaded the XPsp2 version of sysprep and ran it with the Mini-setup checkbox checked.  
2.  Restarted the machine.
3.  Went through the mini-setup, setting the desired options.
          3a.  Named the computer a DIFFERENT name then the one used previously.
          3b.  Added the machine to the domain in the mini-setup.  
4.  Restarted the computer.
5.  Logged in with domain account.
6.  On the domain controller, move the computer account to the desired OU.
7.  Wait 5 minutes for replication.
8.  On problem computer, run "gpupdate /force". Say no to log off prompt.
9.  Restart computer.  Screen pauses on "Preparing network connections" as expected.
10.  Log on.  No errors reported.  GP applied successfully.

Two things that could have possible had an effect, but I can't be sure...

1.  During prior troubleshooting procedures, uninstalled "AEGIS Protocol" from the adapter properties.
2.  Also uninstalled "Network Monitor" from the adapter properties.

I didn't test these to see if they were the problem, so I am unsure what the impact was on the final solution.

I'm usually answering questions rather than asking them, so this is sort of a big deal to me.  Thank a bunch to everyone who helped.


-T.

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.