Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Userenv Event ID: 1030 and 1053 errors occurring after joining Windows 2003 Server to internet

Posted on 2007-11-26
12
Medium Priority
?
631 Views
Last Modified: 2008-11-01
I have recently been asked to give our one and only Windows 2003 Server access to the internet. The reason for this is one of the applications installed on the server can no longer use dialup to download data updates, and must now use broadband via the router that was installed a few years back. This server currently manages all services inc. file server, print server, terminal services, DNS, DHCP, AD and a few shared applications.

To prevent the server from previously access the internet (and to stop terminal service users from accessing the internet), we simply removed the gateway information in the network adaptor on the server. This has been working fine for about three years, and the server never missed a beat. After adding the gateway information into the network adaptor, services began to fail. Every five minutes, we are getting a Userenv Event ID: 1030 being generated, followed by a Userenv Event ID: 1053 two minutes there after. The SQL service will stop responding (which doesn't generate an event in the event log), and all the shared printers on the network stop responding as well (local TCP/IP printers aren't effected). About 30 minutes later, DNS and Group Policty Management are unbrowsable (I get a message 'The server is not operational'. As before, no events are generated in the event log).

One other strange behaviour I observed, was that when searching for google.com.au in Internet Explorer, it would work for about 10 minutes after adding the gateway information, but shortly there after, it would fail and the status bar shows attempts to search for google.com.au.org, google.com.au.edu, google.com.au.com etc...

The only solution is to restart the server and to remove the gateway information from the server network adaptor. The error is reproducable.

Any suggestions would be greatly appreciated!
0
Comment
Question by:Control_C
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
  • +1
12 Comments
 
LVL 10

Expert Comment

by:wmeerza
ID: 20354770
Is this server a domain controller? given the amount of services you are running, in particular Terminal Server, i would highly recommend demoting it.
See the following:
http://technet2.microsoft.com/windowsserver/en/library/7c5ff862-ec28-4d62-b1d5-79c4bd544b361033.mspx?mfr=true
I also assume that this server is spec'd up to be able to handle the load (no memory, processor or I/O problems?)
0
 

Author Comment

by:Control_C
ID: 20354857
I have been keeping a close eye on memory and CPU utilisation, and the server is handling the current load without an issues.

This server is a domain controller. I know it's not ideal, but it hasn't caused any issues to date. If we had a spare Win2k3 box I would have moved AD/DNS and the associated FSMO roles across to it, but this is unfortunately not an option.
0
 
LVL 10

Expert Comment

by:wmeerza
ID: 20355294
Have you checked the results of dcdiag?
I have had a look around and looks like it could be a range of issues from DNS to group policy or a bad computer on the LAN. How many NIC's do you have configured on the server?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 10

Expert Comment

by:wmeerza
ID: 20355300
Also, might be woth looking at the group policy modelling, check it for a range of users from Admin to normal.
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 20356135
What does DCdiag say?

Have you checked your forwarders in DNS to make sure they go to an outside DNS server?
0
 

Author Comment

by:Control_C
ID: 20356494
I've just re-enabled the gateway on the server network interface, and all tests (for the moment) have passed in DCDiag. I will test again once AD, DNS etc... all fail in 30 minutes or so.

We presently have 12 machines networked at this site. All of the machines plug into the same switch, nothing special at all.

I have set the server network interface to look at its own DNS server only. The DNS forwarder has been configured to look at the router (ADSL modem).

DHCP scope options have also been configured correctly with DNS server IP pointing to the internal server, and Gateway IP pointing to the router (ADSL modem).

wmeerza, what did you mean by checking the group policy modelling?
0
 

Author Comment

by:Control_C
ID: 20356526
Forgot to mention, there are two NIC's in the server, but one is disabled in the hardware manager, so I doubt that this could be causing the problem.
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 20358695
Are either the switch or router 1000Mb switches or routers?

Are either the switch or router dumb switches or routers that need spanning tree port fast enabled?
0
 
LVL 10

Expert Comment

by:wmeerza
ID: 20361513
in group policy management select group policy results, you can then right click and run the wizard which allows you to test the policy for machines and specific users which will show you summary, setting & events.
0
 

Author Comment

by:Control_C
ID: 20409449
I believe I have found the problem:

Whilst all the workstations were off, I was unable to replicate any of the problems that I was experiencing earlier. I was eventually able to narrow it down to an incorrectly configured workstation that had been put on the network without being correctly configured.

Firstly, when attempting to access the workstation from the server via the run command \\<workstation> I was getting a "This server's clock is not synchornized with the primary domain controller's clock." So I did a net time \\<server> /set /yes which cleared up all the errors related to this (e.g. Kerberos).

Secondly, the Primary DNS suffix of the computer (under Computer Name in System Properties) was set to a completely different domain from where this workstation was originally from.

Cleaning up both these things have made my network stable... I guess we can close this question.

However, I'm a little surprised that all it took to crash a server was an incorrectly configured workstation... surely there should be safeguards against this sort of issue?

0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 22857138
PAQed with no points refunded (of 500)

Computer101
EE Admin
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question