[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Netlogon service - not able to set up a secure session with a domain controller in domain Domain1

Posted on 2007-08-01
10
Medium Priority
?
12,734 Views
Last Modified: 2008-03-17
Hello.
I've just fininshed building a Windows Server 2003 with SP2 and all the security updates. Then adding it to my domain and I keep getting this error below.
I rebuilt the server tottaly and get the same error. I'd like to put Citrix 4.5 presentaion on it, but would like to fix this first.

Thanks.
Ampletrix.

This computer was not able to set up a secure session with a domain controller in domain DOMAIN1 due to the following:
There are currently no logon servers available to service the logon request.  
0
Comment
Question by:Ampletrix
10 Comments
 
LVL 9

Expert Comment

by:nightmare2
ID: 19614840
Check your DNS settings on the new server.
Can you ping your DC by name ?
0
 
LVL 5

Expert Comment

by:kmotaweh
ID: 19615370
are you having a problem on the clients machines logon or it's only from this machine
0
 
LVL 23

Expert Comment

by:ormerodrutter
ID: 19615374
The server is not finding the DC. Did you use fixed IP or dhcp on the server? IF used fixed IP check the ip ddress & the mask and the preferred DNS server.

If not help, check if the server already has a computer account in AD. If so remove it and restart the netlogon service on your DC before rejoining the server to the domain.
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 

Author Comment

by:Ampletrix
ID: 19621786
I have configured TCP/IP correctly and made sure I can ping all the DC's on the network. It has the same DNS entries as all the DC's. I can ping both Netbios names and IP's.

What I've done up to now is:
Installed Windows Server 2003 Std.
Installed SP2
Updated all the security updates.
Setup network settings.
Added to domain: Domain1.

I also get a entry in the applicaion log with the following details:
EventID:   1053
Source:     Userenv
Catagory: None
Description: Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted.) Group Policy processing aborted.

I believe that the domain has been changed from "Domain1" to "ACT.LCM".
This error happens right after the secure channel one.

When I use "NetDiag" tool, It tells me that the secure channel is all good with one of the AD DC servers.

Cheers for the help.
Ampletrix.


0
 

Author Comment

by:Ampletrix
ID: 19622112
I've just finished doing exactly what ormerodrutter suggested, and same thing happened. It happens when I add the server to Domain: Domain1 and ACT.LCM
DNS records are correct (I think) and I can ping/browes the server. Using NETDOM command to verify the secure link between my new server and the domain works fine. Keep getting this error.
The other thing is that when I load Citrix onto this server and try to add it to the existing Citrix farm, I get loads of Authentication issues.  
0
 
LVL 5

Accepted Solution

by:
kmotaweh earned 1500 total points
ID: 19660076
try to go the computers ou on your active directory users and computers console and try to reset the computer account and restart and try again i think it could be an sid problem
0
 

Author Comment

by:Ampletrix
ID: 19660156
I found that the Gigabite Broadcom adaptors did not like the "Media sensing" feuture from microsoft.
Added a registry key to \hklm\system\currentcontrolset\services\tcpip\parameters - added a "DWORD" DisableDHCDMediaSense = 1.
This made all my issues go away.
Thanks anyway.
0
 

Author Comment

by:Ampletrix
ID: 19660187
I can't close my own question. None of the suggestions was right. How do I close my question? Does anyone want the points?
0
 

Expert Comment

by:cheesegrits
ID: 20834535
Just a quick correction - the key name referenced above should be DisableDHCPMediaSense, not DisableDHCDMediaSense.

Here is BroadCom's tech note, which references an MS KB article on the subject:

http://www.broadcom.com/support/ethernet_nic/faq_drivers.php#101

I'm reasearching a similar problem.  We switched our mail server to a new switch last week, and ever since we've been getting sporadic login failures and that Netlogon error complaining about not being able to establish a secure session.

We do indeed run Broadcoms in an 802.3ad team, so I'm hoping this will be the magic bullet for us!

I'll update this thread if it does fix our problem.

   -- hugh
0
 

Author Comment

by:Ampletrix
ID: 20836340
Hello,

Apologies for the spelling - bad mistake.
Ampletrix
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Citrix XenDesktop 7.6 Citrix Policies Audio
Know what services you can and cannot, should and should not combine on your server.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question