Jiggens
asked on
Server 2008 Unable to access Active Directory on DC
I am having an issue trying to access my Active Directory on my Server 2008. If i log off i get an error that i cant find a user account to login to the server. If i restart the server it works fine. This just started happening out of the blue.
I am also getting an error message see attachment.
5-14-2009-4-13-44-PM.jpg
I am also getting an error message see attachment.
5-14-2009-4-13-44-PM.jpg
ASKER
its already started and still didnt give me access to AD
ASKER
here is something strange if go to admin tools than users and computers i get the error, but if i access through server manager i can get the active directory and there are no errors. Seems like a security issue to me .
trying typing dsa.msc in the run prompt
Start > RUN > dsa.msc
This is AD U&C
Start > RUN > dsa.msc
This is AD U&C
Disable the service above and enable it.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Is the time on the machine and the domain machines properly syncronized? RPC service running?
The "RPC server unavailable" error can occur for the following reasons:
DNS problems
Time synchronization problem
RPC service is not running
Network connectivity problem
Procedures for Troubleshooting RPC Server Problems
See "Troubleshooting Active Directory-Related DNS Problems to identify and resolve DNS issues."
See "Troubleshooting Windows Time Service Problems" to identify and resolve time synchronization issues.
If the RPC service is not running, start the RPC service. If the RPC service is running, stop and start the RPC service.
Verify network connectivity and resolve any issues.
The "RPC server unavailable" error can occur for the following reasons:
DNS problems
Time synchronization problem
RPC service is not running
Network connectivity problem
Procedures for Troubleshooting RPC Server Problems
See "Troubleshooting Active Directory-Related DNS Problems to identify and resolve DNS issues."
See "Troubleshooting Windows Time Service Problems" to identify and resolve time synchronization issues.
If the RPC service is not running, start the RPC service. If the RPC service is running, stop and start the RPC service.
Verify network connectivity and resolve any issues.
ASKER
Its locked out i cant stop the RPC service. its greyed out.
Log Name: DNS Server
Source: Microsoft-Windows-DNS-Serv
Date: 5/14/2009 3:31:17 PM
Event ID: 4013
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: JSERVER.jiggenscomputers.c
Description:
The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DN
<EventID Qualifiers="32768">4013</E
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2009-05-14T22:
<EventRecordID>136</EventR
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>DNS Server</Channel>
<Computer>JSERVER.jiggensc
<Security />
</System>
<EventData Name="DNS_EVENT_DS_OPEN_WA
</EventData>
</Event>
Log Name: DNS Server
Source: Microsoft-Windows-DNS-Serv
Date: 5/14/2009 3:31:17 PM
Event ID: 4013
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: JSERVER.jiggenscomputers.c
Description:
The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DN
<EventID Qualifiers="32768">4013</E
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2009-05-14T22:
<EventRecordID>136</EventR
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>DNS Server</Channel>
<Computer>JSERVER.jiggensc
<Security />
</System>
<EventData Name="DNS_EVENT_DS_OPEN_WA
</EventData>
</Event>
Some reasons why it may need this:
1) Legacy clients such as Win9x & WinNT require NetBIOS resolution to find
resources in a Microsoft Windows network
2) Legacy applications requiring NetBIOS resolution
3) 'My Network Places' browsing (formerly known as 'Network Neighborhood')
4) External trusts with NT domains
5) Cluster service issues
6) Exchange server issues sometimes
7) NetBIOS is required to restrict a user to using a specific "computer" or
"set of computers."