Solved

SBS 2003 Cannot connect to OEMdomain xxxx

Posted on 2007-11-29
11
1,029 Views
Last Modified: 2012-06-21
Environment:
SBS 2003 R2 basic, new server
One NIC
company.local domain on inside / company.com domain on outside.
Upon setup one of our techs accidently plugged in the "old win 2000 domain controller" with THE SAME domain (netBIOS) wise anyway, not .local :)
After that it kinda "took control" of the domain as some weird error logs were appearing on the SBS 2003 box.  I don't know if its related to that, or after browsing the web... if its cuz we didn't "blow out" and reinstall fresh a Dell OEM pre-install of SBS 2003???
But anyhow we are getting Event ID errors regarding to group policy cannot connect to OEM_SBS_domain with some numbers appended.  
I've read that you can use ADSI to edit but its risky... just trying to decide if we should blow out the install and start over.  Client wouldn't be all that happy, but we want to make it right, and stable ;)
Other little errors are happening with may be related to this like other PC's showing up in the event log on the server as losing their SID etc... we were just re-joining them using \\server\connectcomputer.
Are OEM pre-installs really that bad???  Our guys seem to do like 50/50.  Clean install some and others just open the box and follow prompts.  Out of literally hundreds of installs... never had this issue before... but by browsing I see we are not totally alone!
0
Comment
Question by:tmoon
  • 6
  • 4
11 Comments
 
LVL 1

Author Comment

by:tmoon
ID: 20380331
correction above... meant server/connectcomputer...not backslashes
0
 
LVL 1

Author Comment

by:tmoon
ID: 20383399
Here are the actual App / event log errors.. they are constant every 4-5 minutes.
Also cant open Group Policy Snap In.  It points to that domain.. OEM one... which is NOT our domain by the way.  This is the error upon trying to open group policy snap-in:
"The specified domain either does not exist or could not be contacted"

The DNS event log also makes reference to this "other domain" here is one of the error logs from DNS:
The DNS server encountered a packet addressed to itself on IP address 192.168.0.1. The packet is for the DNS name "OEMSBSDN-3935.local.". The packet will be discarded. This condition usually indicates a configuration error
-----------------------------------------------------------------
Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1030
Date:            11/30/2007
Time:            11:35:00 AM
User:            NT AUTHORITY\SYSTEM
Computer:      SERVER
Description:
Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.
----------------------------------------------------------------------------------------------------------
Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1005
Date:            11/30/2007
Time:            11:40:25 AM
User:            NT AUTHORITY\SYSTEM
Computer:      SERVER
Description:
Windows cannot connect to OEMSBSDN-3935.local domain. (Server Down). Group Policy processing aborted.
---------------------------------------------------------------------------------------
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20383562
The steps outlined in http://support.microsoft.com/kb/888943 should resolve this for you.  But FWIW, I always flatten out an OEM Pre-install and start fresh.

Jeff
TechSoEasy
0
 
LVL 1

Author Comment

by:tmoon
ID: 20383820
Hey Jeff,
I did the above and it still gives me the error.  maybe I should search for all instances of the OEMSBSDN-3935 and change them.. is there a find feature in ADSIedit???  The only part is in the steps of that article it says (step 6) change to proper "domain name"..... it doesn't specifically mention it, but there is a lot of other "stuff" in that line... so....
Do you change entire line to just domain name???  or just the first part which is the wrong domain name?
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 20383893
The line should read something like:

\\YourDomain.local\SysVol\YourDomain.local\Policies\{117082ED-5F7D-4600-A584-41D7C13611BA}

But if it has the OEMSBSDN-3936 in any of those places, then you need to fix it to read YourDomain.local instead.

You need to check all of the policies listed to make sure they are correct.

Jeff
TechSoEasy
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 1

Author Comment

by:tmoon
ID: 20386699
I did follow the KB Article mentioned above.. .however that article references Events 1030 and 1058.
Our Event ID's are 1030 and 1005 as posted above.  I have searched the registry and replaced all instances of OEMSBSDN-3936 with "my domain".  Then rebooted.
Then followed the article above which says to change the CN={31B2F340-016D-11D2-945F-00C04FB984F9},
There are about 10 of such folders listed and I checked all of them and sure enough the wrong domain was in all of them.  So I changed them all.  I looked in other folders but did not see anything.
Rebooted multiple times.
If I clear the event app log and do a cmd > gpupdate, they will reappear.
They also show up by themselves every 4-5 minutes.  
I might put in a call to Dell's gold support since it seems to be an OEM install thing... Microsoft would want a couple hundred bucks so... dont know about that just yet.
Does anyone know of a way to "search" using ADSIedit.msc?  I haven't seen a "find" feature yet.  Are there any 3rd party but "free" :) tools which would give this feature?  Manually trying to look in 10,000 places sucks.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20386825
Let's make sure that your SYSVOL sub-folders are actually named correctly.  Because searching ADSIEdit is not the solution... if it came to that, you should reinstall the server.

So, go to C:\WINDOWS\SYSVOL

In that folder is another folder called sysvol which should have a folder in that named yourdomain.local

There is also a folder called staging areas which should contain a folder named yourdomain.local

Are those correct?

Jeff
TechSoEasy

0
 
LVL 1

Author Comment

by:tmoon
ID: 20386965
FINALLY!!!
Actually is running good now.  Did have to find ALL instances of the rogue domain and replace.  I thought about a re-install... client would definately not be happy with that, since we set up their special vendor software which takes a whole day.
Too bad in ADSIedit you cannot do a "find and replace" :)  I know most people do not and prob should not mess with this area... it would have been a HUGE time saver tonight!  Anyhow... lesson learned... wipe out ALL OEM pre-installs... which kinda sucks... but can't be as bad as this was!  It seems pretty "clean" as far as SBS goes since all we really did was rename LDAP objects.  I guess if I was a VB Script God I would have wrote a quick script which hooked into the directory and replaced them for me... but since I'm not....
Thanks for the tips Jeff... your a great SBS resource on the web!  Keep up the good work!
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20387149
Just to make sure... go ahead and run the SBS Best Practices analyzer, http://sbsurl.com/bpa

Glad you got it worked out though.

Jeff
TechSoEasy
0
 
LVL 1

Author Comment

by:tmoon
ID: 20387405
Ran bpa.... all good xcept for a few minor things that it always finds...Thx again
0
 

Expert Comment

by:Danbrasco
ID: 21691060
hi tmoon,
I am kindda having the same issue, and i have replaced all the path with mydomain.local as according to http://support.microsoft.com/kb/888943 but still no luck.

could you explain bit more how you resolved the issue.

Thanks in advance.

0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Small Business Server 2011. NOTE: This guide has been written using the preview version of SBS2011 therefore some of the screens may …
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now