bdoll56479
asked on
Event 1053 Userenv and Event 15 AutoEnrollment
Getting the following two errors everytime a machine starts up and at regular intervals. Running SBS 2003 network. The client is XP Pro. I have tried removing machine from the domain, deleting the machine account in AD, rebooting SBS 2003 computer, then rejoining the machine to the domain. Problem returned. Any ideas?
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1053
Date: 5/14/2006
Time: 9:01:47 PM
User: NT AUTHORITY\SYSTEM
Computer: SI003
Description:
Windows cannot determine the user or computer name. (Access is denied. ). Group Policy processing aborted.
--------------------------
Event Type: Error
Event Source: AutoEnrollment
Event Category: None
Event ID: 15
Date: 5/14/2006
Time: 9:02:47 PM
User: N/A
Computer: SI003
Description:
Automatic certificate enrollment for local system failed to contact the active directory (0x8007052b). Unable to update the password. The value provided as the current password is incorrect.
Enrollment will not be performed.
--------------------------
I just added a brand new hp notebook to the network and got the same errors along with the following in the SYSTEM Log:
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5788
Date: 5/14/2006
Time: 9:24:53 PM
User: N/A
Computer: JENNYLAPTOP
Description:
Attempt to update HOST Service Principal Names (SPNs) of the computer object in Active Directory failed. The updated values were 'HOST/JENNYLAPTOP.domain.l
Access is denied.
--------------------------
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5789
Date: 5/14/2006
Time: 9:24:53 PM
User: N/A
Computer: JENNYLAPTOP
Description:
Attempt to update DNS Host Name of the computer object in Active Directory failed. The updated value was 'JENNYLAPTOP.domain.local'
Access is denied.
So, it appears I can't add any computers to my SBS 2003 network right now without getting these errors and also being unable to register DNS records, secure or unsecure.
Help!
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1053
Date: 5/14/2006
Time: 9:01:47 PM
User: NT AUTHORITY\SYSTEM
Computer: SI003
Description:
Windows cannot determine the user or computer name. (Access is denied. ). Group Policy processing aborted.
--------------------------
Event Type: Error
Event Source: AutoEnrollment
Event Category: None
Event ID: 15
Date: 5/14/2006
Time: 9:02:47 PM
User: N/A
Computer: SI003
Description:
Automatic certificate enrollment for local system failed to contact the active directory (0x8007052b). Unable to update the password. The value provided as the current password is incorrect.
Enrollment will not be performed.
--------------------------
I just added a brand new hp notebook to the network and got the same errors along with the following in the SYSTEM Log:
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5788
Date: 5/14/2006
Time: 9:24:53 PM
User: N/A
Computer: JENNYLAPTOP
Description:
Attempt to update HOST Service Principal Names (SPNs) of the computer object in Active Directory failed. The updated values were 'HOST/JENNYLAPTOP.domain.l
Access is denied.
--------------------------
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5789
Date: 5/14/2006
Time: 9:24:53 PM
User: N/A
Computer: JENNYLAPTOP
Description:
Attempt to update DNS Host Name of the computer object in Active Directory failed. The updated value was 'JENNYLAPTOP.domain.local'
Access is denied.
So, it appears I can't add any computers to my SBS 2003 network right now without getting these errors and also being unable to register DNS records, secure or unsecure.
Help!
http://support.microsoft.com/default.aspx?scid=kb;en-us;310461&Product=winxp autoenrollmenty solution
http://support.microsoft.com/?id=257734 here is how microsoft says to fix the netlogon error
access is denied is a permissions problem to sum it all up so check your permissions for that system on the server and you should be able to clear up all the errors.
ASKER
Check permissions where? Right now every new computer that joins the domain has these same problems. Is there a container or something that has its permissions incorrect?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This looks like a DNS configuration problem to me. Check IPCONFIG on the clients and make sure the DNS server address is the server, then try to resolve the server domain with NSLOOKUP. If it fails, look in the error log and fix DNS till it works before worrying about other things.
Symptoms: your w2k/xp clients may receive this Event ID 1053 - Windows cannot determine the user or computer name. (<error description>). Group Policy processing aborted. Or error: "The specified user does not exist."
Resolutions: 1. Make sure that your internal DNS server is the server for the domain you are logging in to.
2. Verify the DNS Settings. This will occur if your DNS server is unable to resolve information about your domain.
3. Delete the problem computer from DNS records and re-create it.
Event ID 5774, 5775 and 5781 - Netlogon
Symptoms: you may find Event ID 5774 and 5775 - Registration of the DNS record '<dns record>'. 600 IN SRV 0 100 3268 <domain name>.' failed with the following error: <error description>.on your AD with DNS server.
Resolutions: 1. Make sure the Domain Controller points to itself as a DNS server.
2. If you have two NICs on this server, disable one of them or point all NICs to the internal DNS.
3. If you just upgraded the server or changed the IP, you may need delete the problem record manually and restart the NETLOGON service.