Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 824
  • Last Modified:

SBS events 1030, 1054, 1058

Hi,

We've been seeing a certain set of errors on numerous SBS servers, and it's becoming maddening. I'm hoping someone out there has "cracked this nut," as they say. The errors are:

Application Log

1030 - Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.

1054 - Windows cannot obtain the domain controller name for your computer network. (An unexpected network error occurred.) Group policy processing aborted.

1058 - Windows cannot access the file gpt.ini for GPO cn=...... The file must be present at the location... Configuration information could not be read from the domain controller, either because the machine is unavailable or access has been denied. Group Policy processing aborted.

- - - - - - - - - - - - - - - - -

We've researched these errors, of course, and the generally recommended solution is "check your DNS settings." The MS KB articles that say that then go on to provide different ways of checking one's DNS settings, and those always pan out just fine for us. In other words, I think our DNS settings are correct, but maybe I'm missing something, because we see these errors on multiple (but not ALL) SBS servers under our control.

We typically set up SBS servers in a single NIC configuration. Is this known to be problematic?

We always set the only DNS server value on the server's NIC to be the IP address of that NIC. Good? (Yes, we use the wizards.)

Is there something else we could look at in the DNS management console?

On one server in particular, we have a very significant problem that may or may not be related to the above. On that server, a handful of network services spontaneously shutdown on an essentially-daily basis, and we have to go in and restart those services. An additional event log error is probably pertinent:

System Log

7023 The Server service terminated with the following error. Access is denied.

- - - - - - - - - - - - - - - - -

Often, but not always, when we log into that server, we'll see an error window. It says something to the effect of:

"Generic host process [maybe win32svc.dll or svchost.dll?] caused an unexpected error..."

Do you think it's related--or is it probably something else (a driver?)?

Thanks,
. . Shawn
_________________
Shawn Hannan
CT - West U/Med Center
Houston, Texas - USA
0
shawnhannan
Asked:
shawnhannan
  • 3
  • 3
  • 2
2 Solutions
 
Alan Huseyin KayahanCommented:
Hi shawnhannan,

          Are you able to ping servers via FQDN?

Regards,

MrHusy
0
 
shawnhannanAuthor Commented:
MrHusy,

I'm familiar with "FQDN" as "fully-qualified domain name," but I've often wondered how to interpret the term.  Do people use it to mean the public DNS name, the internal Windows DNS name, or both?  And when you ask whether the server can be pinged using the FQDN, are you asking whether it can be pinged from itself, from a workstation on the LAN, both of those, or neither?

What I just checked is pinging the server from itself, using both the internal and public DNS names, and both of those worked just fine.  I don't know if it makes a difference, but on the public side, we have an MX record pointing to a statically-assigned DNS entry with DynDNS.org, and that entry maps to the static IP address.

So mail.domainname.com points to domainname.dnsalias.com points to the IP address...

From the server, when I ping domainname.com, it shows itself pinging domainname.dnsalias.com and getting a reply.

From the server, when I ping localdomainname.local, I get immediate replies.

Thanks,
    Shawn

0
 
Alan Huseyin KayahanCommented:
       Hi Shawn
            FQDN for target host is used for both internal and external. server is your servers name, company.com is your domain, then server.company.com is the FQDN for target host. But I mean the FQDN with alias (CNAME) which is created for servers only like
          724156f1-dddf-49cc-b5ca-b9b39cc45fcf._msdcs.domain.com , which is used for internal purposes and replications between DCs. In DNS server, please do the following
           *Start>Run>dnsmgmt.msc
           *In left-pane, expand forward lookup zones, then click on _msdcs.danger.local. Now in right pane you can see your servername in "Data" tab, double-click the Alias
          *Now copy the FQDN (With alias) in second line, then try pinging this address from a client or from other DC. Do the same for other DC.
          *If ping times out, you should run the following command ins the server that ping times out
             net stop netlogon
             net start netlogon
             netdiag /fix

Regards
             
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
Are these errors on the servers themselves or XP clients?
Simple test via XP/Vista client or the server itself to make sure DNS for AD is working:
Open Explorer
Type the following:
\\mydomain.local\sysvol\mydomain.local\

You should see a list of polices there. If you do, then the workstations are able to connect and update their Group Policy.

Troubleshooting GP problems with Windows Server:
http://www.microsoft.com/downloads/details.aspx?familyid=b24bf2d5-0d7a-4fc5-a14d-e91d211c21b2&displaylang=en

Active Directory DNS related troubleshooting:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part1/adogd10.mspx

Pay specific attention to the diagnostic tests to be run with DcDiag.

FYI: We run 99.9% of our SBS installations with 2 NICs.

HTH,

Philip
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
As far as the services spontaneously shutting down: Are they doing it at the same time every day? If they are, check and see what other services are set to automatically run at that time. Check Volume Shadow Copy Service, A/V scans & updates, and the like.

A good place to start there is in the Task Scheduler.

For the services to automatically recover, type:
Start-->Run-->services.msc [Enter]
Find the troublesome services and double click on them. Change their Recovery abilities to "Restart the Service" for all three levels. Reset Fail Count to 1 and 1 minute for Restart the Service.

HTH,

Philip
0
 
shawnhannanAuthor Commented:
I have new information.

When I logged into the server last night and once again saw the error window stating "Generic Host Process for Win32 Services encountered a problem and needed to close," I submitted the error report to MS.  The MS server apparently had something to say in response, because I got a pop-up offering a URL to click-through for more info.  To my great surprise, the MS webpage that appeared emphatically stated that the problem we had experienced was due to malicious software, and directed us to install the latest updates/patches.  I proceeded to do that.  The first download was Win2k3 SP2, followed by a series of updates on top of that.

This occurred late last night.  I just logged in again, and things have improved:

1.  The "Generic Host Process" window was not on-screen.  This almost certainly would have been there if not for the patching, since it was truly an everyday occurrence up until yesterday.

2.  All services were running as they should be.

3.  The Application Log now shows only a persistent Event 1054 ("Windows cannot obtain the domain controller name for your network...")

This is obviously a significant improvement, and I certainly hope it's not just good luck for today, but rather "the first day of the rest of this server's life."  :)

With all that said, I will still happily award full points to whoever unlocks the mystery of Event 1054 to me, since this error is one that persists not only on this machine, but on other SBS servers we've configured.

Thanks to both MrHusy and MPECSInc.

MrHusy, I tried the ping test in your latter post, and received replies just fine--no timeouts.

MPECSInc, the \\mydomain.local\sysvol\mydomain.local\ test worked out as expected.

So then, in the end, we continue to seek an understanding of what DNS misconfiguration we're guilty of, if any...

Thanks,
     Shawn
0
 
Alan Huseyin KayahanCommented:
       Hi Shawn
           Make sure in DNS properties, the DNS server's IP address is assigned as preferred DNS server (If your SBS is the DNS, then type the IP address of SBS. If that server is the DNS, then type 127.0.0.1)
          Then run
          net stop netlogon
          net start netlogon
          netdiag /fix
          ipconfig /flushdns
          ipconfig /registerdns
         
Regards
0
 
shawnhannanAuthor Commented:
I'm going to close out this question at this point.  While I appreciate all the suggestions, it doesn't seem any of them actually applied to our situation.  We need a bit more time to say for sure, but it appears the resolution is going to relate to this --> http://support.microsoft.com/kb/938448.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now