asked on
Event ID 1030, 1065 on server 2003 standard
My client has a new Server 2003 standard connected to SBS2003 as a client. As of 2 days ago when logging onto the new server, all admin accounts on the server no longer have any permissions to install software, change network settings etc? Basically any admin account when logged onto the server is not an admin account anymore? even the domain admin?
Event id 1030 and 1065 are found in event viewer and I have tried many suggestions found on various forums but to no avail. All other client machines connecting to the SBS server have no issues only the server 2003 standard has this issue, it is the new accounts server and was due to go live tomorrow any help would be greatly appreciated.
Event id 1030 and 1065 are found in event viewer and I have tried many suggestions found on various forums but to no avail. All other client machines connecting to the SBS server have no issues only the server 2003 standard has this issue, it is the new accounts server and was due to go live tomorrow any help would be greatly appreciated.
Microsoft Server OSWindows Server 2003SBS
Last Comment
Jeffrey Kane - TechSoEasy
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Ok, thanks for the advice so far. I have replaced the framedyn.dll and the Event id 1065 has now gone away. The 1030 error is still in place and I still have no administrator rights on the server? I disconnected the server from the domain and still had the same issue? rejoined the domain and no change.
Anything else it could be linked to, I have been through the group policies and can't see anything problematic. I have noticed however that the firewall on the client server says it is corrupt and I cant get access to any property pages because of the original problem, no privelages! Its the standard windows firewall, could this be a cause and how the hell can I uninstall it? cant see it in add/remove windows components.
Thanks again for your help so far.
Anything else it could be linked to, I have been through the group policies and can't see anything problematic. I have noticed however that the firewall on the client server says it is corrupt and I cant get access to any property pages because of the original problem, no privelages! Its the standard windows firewall, could this be a cause and how the hell can I uninstall it? cant see it in add/remove windows components.
Thanks again for your help so far.
Well, wait a minute... in an SBS environment, you need to add an additional server in a specific manner. Please follow the steps outlined in this paper: http://sbsurl.com/addserver
And regarding the firewall... are you saying this is occuring on the SBS? If so, are there error events occuring in addition to 1030? (such as 1058?). Are you trying to make the new server a domain controller?
Jeff
TechSoEasy
And regarding the firewall... are you saying this is occuring on the SBS? If so, are there error events occuring in addition to 1030? (such as 1058?). Are you trying to make the new server a domain controller?
Jeff
TechSoEasy
ASKER
The errors are appearing on the client server which runs server 2003 standard R2 SP1, it has been working fine connected to the SBS2003 server (DC) until 2 days ago. There have been no changes made to the servers in the last week. In the event log of the client server i am receiving the 1030 error but no other errors? The client server is running SAP so it only need to be a client and nothing more, so no I dont want it to be a DC and havent configured it to act as one, roles on the client server are file server and application server, it runs SQL 2005.
Is that any clearer, apologies if my details seem a bit vague :(
Is that any clearer, apologies if my details seem a bit vague :(
ASKER
Bah, just ran gpupdate on the client and got the 1065 error back! also ran gpresult and here is the log if it helps
C:\Documents and Settings\Administrator.ISM
Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001
Created On 31/05/2007 at 11:07:49
RSOP data for ISM\administrator on ACCTS-SERVER : Logging Mode
--------------------------
OS Type: Microsoft(R) Windows(R) Server 2003, Standard Editi
on
OS Configuration: Member Server
OS Version: 5.2.3790
Terminal Server Mode: Remote Administration
Site Name: Default-First-Site-Name
Roaming Profile:
Local Profile: C:\Documents and Settings\Administrator.ISM
Connected over a slow link?: No
COMPUTER SETTINGS
------------------
CN=ACCTS-SERVER,CN=Compute
Last time Group Policy was applied: 31/05/2007 at 11:06:21
Group Policy was applied from: ism-server.ISM.local
Group Policy slow link threshold: 500 kbps
Domain Name: ISM
Domain Type: Windows 2000
Applied Group Policy Objects
--------------------------
Small Business Server Client Computer
Small Business Server Remote Assistance Policy
Small Business Server Lockout Policy
Small Business Server Domain Password Policy
Default Domain Policy
The following GPOs were not applied because they were filtered out
--------------------------
Local Group Policy
Filtering: Not Applied (Empty)
Small Business Server Windows Firewall
Filtering: Denied (WMI Filter)
WMI Filter: PostSP2
Small Business Server Internet Connection Firewall
Filtering: Denied (WMI Filter)
WMI Filter: PreSP2
The computer is a part of the following security groups
--------------------------
BUILTIN\Administrators
Everyone
BUILTIN\Users
NT AUTHORITY\NETWORK
NT AUTHORITY\Authenticated Users
This Organization
Domain Computers
USER SETTINGS
--------------
CN=Administrator,CN=Users,
Last time Group Policy was applied: 31/05/2007 at 11:06:21
Group Policy was applied from: ism-server.ISM.local
Group Policy slow link threshold: 500 kbps
Domain Name: ISM
Domain Type: Windows 2000
Applied Group Policy Objects
--------------------------
Default Domain Policy
The following GPOs were not applied because they were filtered out
--------------------------
Small Business Server Client Computer
Filtering: Not Applied (Empty)
Small Business Server Lockout Policy
Filtering: Disabled (GPO)
Small Business Server Domain Password Policy
Filtering: Not Applied (Empty)
Small Business Server Remote Assistance Policy
Filtering: Disabled (GPO)
Local Group Policy
Filtering: Not Applied (Empty)
Small Business Server Windows Firewall
Filtering: Denied (WMI Filter)
WMI Filter: PostSP2
Small Business Server Internet Connection Firewall
Filtering: Denied (WMI Filter)
WMI Filter: PreSP2
The user is a part of the following security groups
--------------------------
Domain Users
Everyone
Debugger Users
BUILTIN\Users
BUILTIN\Administrators
REMOTE INTERACTIVE LOGON
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
This Organization
LOCAL
Domain Admins
Exchange Services
Exchange Domain Servers
Group Policy Creator Owners
Enterprise Admins
Schema Admins
SBS Mobile Users
SBS Report Users
Exchange Enterprise Servers
C:\Documents and Settings\Administrator.ISM
C:\Documents and Settings\Administrator.ISM
Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001
Created On 31/05/2007 at 11:07:49
RSOP data for ISM\administrator on ACCTS-SERVER : Logging Mode
--------------------------
OS Type: Microsoft(R) Windows(R) Server 2003, Standard Editi
on
OS Configuration: Member Server
OS Version: 5.2.3790
Terminal Server Mode: Remote Administration
Site Name: Default-First-Site-Name
Roaming Profile:
Local Profile: C:\Documents and Settings\Administrator.ISM
Connected over a slow link?: No
COMPUTER SETTINGS
------------------
CN=ACCTS-SERVER,CN=Compute
Last time Group Policy was applied: 31/05/2007 at 11:06:21
Group Policy was applied from: ism-server.ISM.local
Group Policy slow link threshold: 500 kbps
Domain Name: ISM
Domain Type: Windows 2000
Applied Group Policy Objects
--------------------------
Small Business Server Client Computer
Small Business Server Remote Assistance Policy
Small Business Server Lockout Policy
Small Business Server Domain Password Policy
Default Domain Policy
The following GPOs were not applied because they were filtered out
--------------------------
Local Group Policy
Filtering: Not Applied (Empty)
Small Business Server Windows Firewall
Filtering: Denied (WMI Filter)
WMI Filter: PostSP2
Small Business Server Internet Connection Firewall
Filtering: Denied (WMI Filter)
WMI Filter: PreSP2
The computer is a part of the following security groups
--------------------------
BUILTIN\Administrators
Everyone
BUILTIN\Users
NT AUTHORITY\NETWORK
NT AUTHORITY\Authenticated Users
This Organization
Domain Computers
USER SETTINGS
--------------
CN=Administrator,CN=Users,
Last time Group Policy was applied: 31/05/2007 at 11:06:21
Group Policy was applied from: ism-server.ISM.local
Group Policy slow link threshold: 500 kbps
Domain Name: ISM
Domain Type: Windows 2000
Applied Group Policy Objects
--------------------------
Default Domain Policy
The following GPOs were not applied because they were filtered out
--------------------------
Small Business Server Client Computer
Filtering: Not Applied (Empty)
Small Business Server Lockout Policy
Filtering: Disabled (GPO)
Small Business Server Domain Password Policy
Filtering: Not Applied (Empty)
Small Business Server Remote Assistance Policy
Filtering: Disabled (GPO)
Local Group Policy
Filtering: Not Applied (Empty)
Small Business Server Windows Firewall
Filtering: Denied (WMI Filter)
WMI Filter: PostSP2
Small Business Server Internet Connection Firewall
Filtering: Denied (WMI Filter)
WMI Filter: PreSP2
The user is a part of the following security groups
--------------------------
Domain Users
Everyone
Debugger Users
BUILTIN\Users
BUILTIN\Administrators
REMOTE INTERACTIVE LOGON
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
This Organization
LOCAL
Domain Admins
Exchange Services
Exchange Domain Servers
Group Policy Creator Owners
Enterprise Admins
Schema Admins
SBS Mobile Users
SBS Report Users
Exchange Enterprise Servers
C:\Documents and Settings\Administrator.ISM
Well, you apparently did not follow the paper I linked above to properly add this server. You've placed it in a wrong OU in AD. SBS"s AD is preconfigured and the structure cannot be modified. Member Servers must be in the following OU:
ISM.local\MyBusiness\Compu
(all workstations must be in ISM.local\MyBusiness\Compu
So, that's a major part of your problem.
SBS-based networks cannot be managed the same as stand-alone Server 2003-based networks. You need to follow the design parameters of SBS if you want things to work properly.
Jeff
TechSoEasy
ISM.local\MyBusiness\Compu
(all workstations must be in ISM.local\MyBusiness\Compu
So, that's a major part of your problem.
SBS-based networks cannot be managed the same as stand-alone Server 2003-based networks. You need to follow the design parameters of SBS if you want things to work properly.
Jeff
TechSoEasy
FYI, had you used the "Set up Server Computers" wizard in the SBS's Server Management Console, the server would have been placed in the proper OU automatically. You should ALWAYS add new devices using the SBS's wizards... not directly in AD.
Jeff
TechSoEasy
Jeff
TechSoEasy
ASKER
Thanks for your help on this matter, I found the problem to be a corrupted WMI. Repaired the WMI and then repaired other compents that had been affected by the problem, all is now present and correct.
That may very well be the case... but your servers are still in the wrong OU if you left them in the ISM.local\Computers OU.
Jeff
TechSoEasy
Jeff
TechSoEasy
(You can easily check by typing PATH at a command prompt).
If it's not, type the following at a command prompt to add it to the path:
%SystemRoot%\System32\Wbem
Jeff
TechSoEasy