Netlogon service - not able to set up a secure session with a domain controller in domain Domain1

Posted on 2007-08-01
Last Modified: 2008-03-17
I've just fininshed building a Windows Server 2003 with SP2 and all the security updates. Then adding it to my domain and I keep getting this error below.
I rebuilt the server tottaly and get the same error. I'd like to put Citrix 4.5 presentaion on it, but would like to fix this first.


This computer was not able to set up a secure session with a domain controller in domain DOMAIN1 due to the following:
There are currently no logon servers available to service the logon request.  
Question by:Ampletrix
    LVL 9

    Expert Comment

    Check your DNS settings on the new server.
    Can you ping your DC by name ?
    LVL 5

    Expert Comment

    are you having a problem on the clients machines logon or it's only from this machine
    LVL 23

    Expert Comment

    The server is not finding the DC. Did you use fixed IP or dhcp on the server? IF used fixed IP check the ip ddress & the mask and the preferred DNS server.

    If not help, check if the server already has a computer account in AD. If so remove it and restart the netlogon service on your DC before rejoining the server to the domain.

    Author Comment

    I have configured TCP/IP correctly and made sure I can ping all the DC's on the network. It has the same DNS entries as all the DC's. I can ping both Netbios names and IP's.

    What I've done up to now is:
    Installed Windows Server 2003 Std.
    Installed SP2
    Updated all the security updates.
    Setup network settings.
    Added to domain: Domain1.

    I also get a entry in the applicaion log with the following details:
    EventID:   1053
    Source:     Userenv
    Catagory: None
    Description: Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted.) Group Policy processing aborted.

    I believe that the domain has been changed from "Domain1" to "ACT.LCM".
    This error happens right after the secure channel one.

    When I use "NetDiag" tool, It tells me that the secure channel is all good with one of the AD DC servers.

    Cheers for the help.


    Author Comment

    I've just finished doing exactly what ormerodrutter suggested, and same thing happened. It happens when I add the server to Domain: Domain1 and ACT.LCM
    DNS records are correct (I think) and I can ping/browes the server. Using NETDOM command to verify the secure link between my new server and the domain works fine. Keep getting this error.
    The other thing is that when I load Citrix onto this server and try to add it to the existing Citrix farm, I get loads of Authentication issues.  
    LVL 5

    Accepted Solution

    try to go the computers ou on your active directory users and computers console and try to reset the computer account and restart and try again i think it could be an sid problem

    Author Comment

    I found that the Gigabite Broadcom adaptors did not like the "Media sensing" feuture from microsoft.
    Added a registry key to \hklm\system\currentcontrolset\services\tcpip\parameters - added a "DWORD" DisableDHCDMediaSense = 1.
    This made all my issues go away.
    Thanks anyway.

    Author Comment

    I can't close my own question. None of the suggestions was right. How do I close my question? Does anyone want the points?

    Expert Comment

    Just a quick correction - the key name referenced above should be DisableDHCPMediaSense, not DisableDHCDMediaSense.

    Here is BroadCom's tech note, which references an MS KB article on the subject:

    I'm reasearching a similar problem.  We switched our mail server to a new switch last week, and ever since we've been getting sporadic login failures and that Netlogon error complaining about not being able to establish a secure session.

    We do indeed run Broadcoms in an 802.3ad team, so I'm hoping this will be the magic bullet for us!

    I'll update this thread if it does fix our problem.

       -- hugh

    Author Comment


    Apologies for the spelling - bad mistake.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    #Citrix #XenApp #Citrix Scout #Citrix Insight Services #Microsoft VMMAP #Microsoft ADEXPLORE #Microsoft RAMMAP #Microsoft TCPVIEW #Microsoft AUTORUNS #Microsoft PROCESS EXPLORER #Microsoft PROCESS MONITOR
    Citrix XenDesktop 7.6 Citrix Policies Graphics
    How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
    This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now