Nexusos
asked on
The Server service terminated with the following error: Access is denied.
When we change the domain administrator password we start having lots problems with services.
On a reboot the Server service will not start with an error of
The Server service terminated with the following error: Access is denied.
As you would expect this is causing loads of other services to fail on boot.
If we change the domain administrator password back to the old password and reboot the server everything works just fine.
I have dug though the event log but there is only the services not starting and Error 7032
The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running
The server is a 2003 SP2 domain controller with all windows updates installed.
All FSMO roles are on this server. There is also Exchange 2003 SP2 installed.
Any help would be much appreciated.
On a reboot the Server service will not start with an error of
The Server service terminated with the following error: Access is denied.
As you would expect this is causing loads of other services to fail on boot.
If we change the domain administrator password back to the old password and reboot the server everything works just fine.
I have dug though the event log but there is only the services not starting and Error 7032
The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running
The server is a 2003 SP2 domain controller with all windows updates installed.
All FSMO roles are on this server. There is also Exchange 2003 SP2 installed.
Any help would be much appreciated.
ASKER
The server service is trying to start as local system account
Do you have multiple DCs?
ASKER
Yes there are 3 in total accross 3 sites. The sites are connected via VPN.
The 2 other server dident have this problem.
The 2 other server dident have this problem.
Are all servers Global Catalogs?
ASKER
Yes all 3 server are global catalogs.
You could try to rebuild the WMI db:
winmgmt /clearadap
winmgmt /kill
winmgmt /unregserver
winmgmt /regserver
winmgmt /resyncperf
winmgmt /clearadap
winmgmt /kill
winmgmt /unregserver
winmgmt /regserver
winmgmt /resyncperf
The server service is responsible for file/print sharing and name pipe sharing. It requires netbios.
The fact that you changed your password back to an older password puzzles me. It is suppost to be using the local system account credentials. In other words, the computer credentials, not the administrator credentials.
Another thing that puzzles me is the server service is not dependent on any other service. Also the browser service is dependent on the server service. So, the only other service that should be effected is the browser service. If you have other services that are not starting, it is probably because of the protocol that you are using. Let's say the netlogon service isn't starting either. That also relies upon netbios.
If it were me, I would troubleshoot netbios. Since the server service is independed, I would concentrate on things like the netbios binding and the transport protocol used to keep the server service communicating between domain computers.
I would also make sure that RPC is working. SMB sharing (file and print shares) requires RPC. So does WMI (Windows Management Instrumentation). So, RPC may be a factor.
Its my guess you are having problems with or have inadvertantly disabled File and printer sharing. Or you are having problems with the RPC service and are failing to authenticate. Please advise.
The fact that you changed your password back to an older password puzzles me. It is suppost to be using the local system account credentials. In other words, the computer credentials, not the administrator credentials.
Another thing that puzzles me is the server service is not dependent on any other service. Also the browser service is dependent on the server service. So, the only other service that should be effected is the browser service. If you have other services that are not starting, it is probably because of the protocol that you are using. Let's say the netlogon service isn't starting either. That also relies upon netbios.
If it were me, I would troubleshoot netbios. Since the server service is independed, I would concentrate on things like the netbios binding and the transport protocol used to keep the server service communicating between domain computers.
I would also make sure that RPC is working. SMB sharing (file and print shares) requires RPC. So does WMI (Windows Management Instrumentation). So, RPC may be a factor.
Its my guess you are having problems with or have inadvertantly disabled File and printer sharing. Or you are having problems with the RPC service and are failing to authenticate. Please advise.
ASKER
I have been and tried a load of things again today.
I have rebuilt the WMI db and that hasent helped at all.
Disabaling the administrator account gives us the same problem as changing the password.
Once the account is enabled again everything works.
I have checked RPC and netbios and every thing seems ok. i am not sure how there can be a problem with them as the server service only has problems when we change the administrator password or desable the account.
When the administrator account is enabled and has the old password the server works fine. no errors in the event log to give you even an idea there is a problem.
I have rebuilt the WMI db and that hasent helped at all.
Disabaling the administrator account gives us the same problem as changing the password.
Once the account is enabled again everything works.
I have checked RPC and netbios and every thing seems ok. i am not sure how there can be a problem with them as the server service only has problems when we change the administrator password or desable the account.
When the administrator account is enabled and has the old password the server works fine. no errors in the event log to give you even an idea there is a problem.
1. What about setting the server service to start with a local admin account
2. Reset the password that you want to change on the domain admin
3. Restart the server service. Does it start?
Yes: Change the service to start as local system account and restart the service. Still problems?
No: Open regedit and compare the "lanmanserver" values on the problem server and on a healthy DC (that don't have these problems).
The "Lanmanserver" reg.settings and the sub keys are located here:
HKLM\System\CurrentControl
SG
2. Reset the password that you want to change on the domain admin
3. Restart the server service. Does it start?
Yes: Change the service to start as local system account and restart the service. Still problems?
No: Open regedit and compare the "lanmanserver" values on the problem server and on a healthy DC (that don't have these problems).
The "Lanmanserver" reg.settings and the sub keys are located here:
HKLM\System\CurrentControl
SG
ASKER
The Lanmanserver reg settings are the same as a working system.
When ever i try to change the account the server service starts as i get this error.
The account specified for this service is different from the account specified for other services running in the same process.
When ever i try to change the account the server service starts as i get this error.
The account specified for this service is different from the account specified for other services running in the same process.
Who is running the server service on your other DCs?
ASKER
The server service starts as "local System account" on all the servers
When you have changed the password for your domain admin. Standing on your problem DC, try to run ie. cmd as the domain admin with the new password. Does it work?
ASKER
I havent tried CMD but I can log in with the new password ok and can start the backup exec services and AV services with the administrator account and the new password.
This was a wierd problem.
The service is set to start as the Local system account, and this account has nothing to do with the domain admin account, so changing the domain admin pw should not affect the local system.
The account has extensive privileges on the local computer, and acts as the computer on the network. This account does not have a password and is not associated with any logged-on user account, so why it don't start the service after you change the domain admin pw is a bloody mistery.
Maybe ChifIT has some good ideas?
SG
The service is set to start as the Local system account, and this account has nothing to do with the domain admin account, so changing the domain admin pw should not affect the local system.
The account has extensive privileges on the local computer, and acts as the computer on the network. This account does not have a password and is not associated with any logged-on user account, so why it don't start the service after you change the domain admin pw is a bloody mistery.
Maybe ChifIT has some good ideas?
SG
a addon: Can you see some errors in the winlogon.log? (%systemroot%\security\log
---------------
Here is a cut&paste from my log:
Kerberos Policy configuration was completed successfully.
Configure machine\system\currentcont
Configure machine\system\currentcont
Configure machine\system\currentcont
---------------
Could there be an issue with the kerberos ticket assignet to the server service (lanmanserver)?
Try to run "klist tickets" and "klist purge"
SG
---------------
Here is a cut&paste from my log:
Kerberos Policy configuration was completed successfully.
Configure machine\system\currentcont
Configure machine\system\currentcont
Configure machine\system\currentcont
---------------
Could there be an issue with the kerberos ticket assignet to the server service (lanmanserver)?
Try to run "klist tickets" and "klist purge"
SG
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I'm just curious. What fixed your problem?
SG
SG
I had the same problem on a Windows 2003 64bit SP2. All I did was a complete windows update and the problem went away. In 15 minutes you can do all your updates and be sure that you are covered, for a while :)
SG