Solved

Windows XP clients can not find domain controller error 5719

Posted on 2010-09-07
27
592 Views
Last Modified: 2012-06-27
Hi

I have recently installed some new PCs with a Jetway NC91-230-LF boards. For some reason these PCs can not find the domain controller, all the other PCs can. I have updated the driver for the onboard nic to the latest but still no joy. I have even tried micosoft KB938449 but still no joy. I have given the clients a static ip address but still the same problem,

The network is a child domain running windows 2003 and the clients have the latest updates installed.

Any ideas?
0
Comment
Question by:Glenhomes
  • 9
  • 7
  • 5
  • +4
27 Comments
 
LVL 9

Expert Comment

by:Gianpiero Rossi
Comment Utility
have you checked the dns configuration of the client? them should point to the dc.
0
 

Author Comment

by:Glenhomes
Comment Utility
yes I have checked that as well, the dns is pointing to the dc.
0
 
LVL 20

Expert Comment

by:woolnoir
Comment Utility
A few things to check , 1) the time is correct on the clients, 2) that the DNS is correctly pointing at the DC ( since the addresses are statically assigned) and 3) depending on the locaiton of the DC that the default GW and routing is in place between the client and DC .. check connectivity.

0
 
LVL 20

Expert Comment

by:woolnoir
Comment Utility
ANd what is the exact error that you get, any chance of a screen shot ?
0
 
LVL 2

Expert Comment

by:tspreeth
Comment Utility
can you ping from the Dc to the desktops and the other way around also ?
Also can you telnet port 135 from Desktop tp DC.
 
0
 
LVL 3

Expert Comment

by:jarremopoulos
Comment Utility
Hi,

Do you get any error message? Is the problem with logging on domain or general network error? Can you access file shares , www, etc.? Any antivirus software installed on PC's?

Can you get domain name servers info from PC? Start --> Run --> CMD, then nslookup and in nslookup prompt yuor domain. Do you get domain controllers IP address?

0
 
LVL 3

Expert Comment

by:jarremopoulos
Comment Utility
Hi,

Do you get any error message? Is the problem with logging on domain or general network error? Can you access file shares , www, etc.? Any antivirus software installed on PC's?

Can you get domain name servers info from PC? Start --> Run --> CMD, then nslookup and in nslookup prompt yuor domain. Do you get domain controllers IP address?

0
 

Author Comment

by:Glenhomes
Comment Utility
Hi,

I have attached the screen shot and I can telnet to to DC and also use nslookup.

I can log in ok and access the server normally its like there is a problem when starting up and it can not find the DC on startup but when the log in screen applies is seems to have found the dc. This obsously causes problems with group policy.
screen-shot.JPG
0
 
LVL 20

Expert Comment

by:woolnoir
Comment Utility
Errors with W32 time, can i check again your time is correct ?
0
 

Author Comment

by:Glenhomes
Comment Utility
yes the bios time and the windows time is the same as the dc.
0
 
LVL 20

Expert Comment

by:woolnoir
Comment Utility
Can you show us the text for the netlogon error at 12:16:48 ..
0
 

Author Comment

by:Glenhomes
Comment Utility
Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5719
Date:            07/09/2010
Time:            12:16:48
User:            N/A
Computer:      PATHEADOFFICE2
Description:
No Domain Controller is available for domain LANGFORD due to the following:
There are currently no logon servers available to service the logon request. .
Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
 
0
 
LVL 20

Expert Comment

by:woolnoir
Comment Utility
and the text for one each of the WARNING and ERROR W32Time events....
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 3

Expert Comment

by:jarremopoulos
Comment Utility
Could it be something like this? http://support.microsoft.com/kb/840669. Can you copy/paste C:\windows\debug\usermode\userenv.log here?
0
 

Author Comment

by:Glenhomes
Comment Utility
userenv.log below


USERENV(2d4.2d8) 12:46:45:187 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2d4.2d8) 12:46:45:187 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2d4.2d8) 12:46:45:187 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2d4.58c) 12:47:10:953 ProcessGPOs: The DC for domain LANGFORD is not available at startup. retrying
USERENV(2d4.58c) 12:48:12:953 ProcessGPOs: DC for domain LANGFORD is reachable after retries.
USERENV(2d4.58c) 12:48:13:078 GetGPOInfo:  Local GPO's gpt.ini is not accessible, assuming default state.
USERENV(2d4.438) 12:54:01:812 GetGPOInfo:  Local GPO's gpt.ini is not accessible, assuming default state.
USERENV(2d4.2d8) 12:56:10:875 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2d4.2d8) 12:56:10:875 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2d4.2d8) 12:56:10:875 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(2d4.57c) 12:56:36:609 ProcessGPOs: The DC for domain LANGFORD is not available at startup. retrying
USERENV(2d4.57c) 12:57:37:984 ProcessGPOs: DC for domain LANGFORD is reachable after retries.
USERENV(2d4.57c) 12:57:38:187 GetGPOInfo:  Local GPO's gpt.ini is not accessible, assuming default state.
USERENV(2d4.15c) 12:57:38:265 GetGPOInfo:  Local GPO's gpt.ini is not accessible, assuming default state.
0
 

Author Comment

by:Glenhomes
Comment Utility
error id 29

The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible.  No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

error id 14
The time provider NtpClient was unable to find a domain controller to use as a time source. NtpClient will try again in 15 minutes.
0
 
LVL 20

Expert Comment

by:woolnoir
Comment Utility
Whats the machines MTU size set to... i only ask as the common aspect seems to be the MB/Network card, i wonder if the MTU setting is different and causing issues ive seen cases where this has been the issue before... i.e http://www.tek-tips.com/viewthread.cfm?qid=1612174&page=1 i know your situation isnt exactly the same... but it might be something to check.

The guy in the post above set his to 1372 and it worked.
0
 
LVL 3

Expert Comment

by:jarremopoulos
Comment Utility
I'd try that GPnetworkTimeoutpolicy fix in registry. Allso you can try to install User Hive Cleanup service found http://www.microsoft.com/downloads/details.aspx?FamilyId=1B286E6D-8912-4E18-B570-42470E2F3582&displaylang=en. From command prompt gpupdate /force. Then reboot. Any changes??
0
 
LVL 11

Expert Comment

by:kaskhedikar_tushar
Comment Utility
Hello,

If yours antivirus is with firewall.So please configure the firewall properly & second thing is check the preferred DNS on client machine.Check with nslookup command & also check the DNS server's forward & reverse lookup zones.

Regards,
Tushar Kaskhedikar    
0
 

Author Comment

by:Glenhomes
Comment Utility
I have tried the MTU and installed tjhe User Hive Cleanup service and the registry GPnetworkTimeoutpolicy and still no joy.

I have check all the dns settings and there is no antivirus installed yet as it is a fresh install.

Any more suggestions?
0
 
LVL 20

Expert Comment

by:woolnoir
Comment Utility
have you tried joining any other machines to the domain recently, or is it just the ones you mention above...n.B i'm being specific, logging onto a machine is different, i mean, have any other machines been joined to the domain. I'm trying to determine if this is a domain or a machine issue....
0
 
LVL 38

Expert Comment

by:ChiefIT
Comment Utility
Are these new systems trying to communicate using IPv6?

Is your Windows firewall enabled on the new systems?
0
 

Author Comment

by:Glenhomes
Comment Utility
i will try to add a different PC to the domain.

I am using IPv4 and and windwos firewall is disabled.

I am going to try some older versions of the nic driver.
0
 
LVL 3

Expert Comment

by:jarremopoulos
Comment Utility
Then you can try to reset/reinstall TCP/IP stack on client computer. You can find help http://support.microsoft.com/kb/299357. If resetting won`t help you can try to reinstall TCP/IP protocol.

- Start regedit and go HKLM/System/CCS/Services and delete Winsock and Winsock2 keys.

- REboot and after reboot you see "limited connectivity" with your lan interface. Open LAN interface properties and Press Install --> select Protocol and press Add. Then press Have Disk and point path to C:\Windows\inf. Select Internet Protocol (TCP/IP). After install check that Advanced properties (DNS,WINS,etc.) suites your needs.

Check if domain computer account is corrupted?. Reset computer account and join domain again.
0
 
LVL 38

Expert Comment

by:ChiefIT
Comment Utility
There was an error in the code of the TCPIP.sys kernel driver. It was a code discrepancy in Service pack 1 of the 2003 server....

If you are using SP1 on the server, download and install SP2.

The discrepancy will cause intermittent access to the server and sometimes you will see error 5719...

Another thing that can cause these discrepancies is a multihomed computer. Multihomed is defined as a comptuer with multiple network adapters for the same computer. This confuses a lot of communications protocols, including the route table and arp cache, DNS, Netbios, and DHCP...
0
 

Author Comment

by:Glenhomes
Comment Utility
I have already got SP2 installed on the server and I only have on NIC enabled on the server, will this still make a difference.

I have tried to add a different PC to the network and it does not have a problem.

I have tried the jetway board on another domain and it contacts without a problem so it must be a problem with this board and the server setup?
0
 
LVL 38

Accepted Solution

by:
ChiefIT earned 500 total points
Comment Utility
OK, on a managed switch Spanning tree has  hold down timers that may exceed the time limit on XP and 2003 server communications. Instead, they recommend you use portfast for anything XP or newer.

Spanning tree is a protocol that prevents Switch L2 loops. SOOOO, any double connections between the switches should be DISCONNECTED if you do not enable spanning tree. Portfast is a protocol that that is the opposite of Spanning tree. Instead of holding the packets and looking for L2 loops, it will forward the packets on.

http://support.microsoft.com/kb/247922

If you have L2 loops and you enable portfast, your network will experience what is called a broadcast flood. this is where traffic loops back to the switches and that loop busies out the Network switches. So, this is a big warning to make sure you do not have ANY double connections between switches.

RECOMMENDED PRACTICE:
If possible, keep spanning tree on all switch to switch  or switch to router configurations. Then portfast on any access ports of the switches.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now