Erwin Krisch
asked on
Clients can't login to domain
We are running Windows 2003 Server on our network. Our clients are running on Windows XP Professional. As of today in the morning, all of a sudden, none of our clients can’t connect to the server anymore. When we ping the clients, all seem to reply correctly, but can’t logon to the domain. The Event List tells us there is some problem with the DNS. Does anybody know what could be the problem and how to fix it?
tr rebooting the server
ASKER
Yes, we already did that.
What event is logging that shows a DNS issue?
Are the clients hanging like this ? http://social.technet.microsoft.com/Forums/en/winserverGP/thread/ff0dfa65-f5db-4ef7-8024-f03034111f12
try to install the Microsoft User Profile Hive Cleanup Service (UPHClean) tool on the Windows XP client. UPHClean monitors the computer while Windows is unloading user profiles and forces resources that are open to close. Therefore, the computer can unload and reconcile user profiles.
For more information, please refer to the following Microsoft Knowledge Base article:
837115 Troubleshooting profile unload issues
http://support.microsoft.com/?id=837115
In addition, please disable "Fast Logon" feature for Windows XP to see whether the first logon delay is caused by network delay.
At the same time, please test in Clean Boot to narrow down the cause.
1. Click Start, type "msconfig", press Enter.
2. Switch to Services tab, click Hide all Microsoft services, click Disable all.
3. Switch to Startup tab, click Disable All. Click OK.
4. Restart the client and test.
For more information, please refer to the following Microsoft Knowledge Base article:
837115 Troubleshooting profile unload issues
http://support.microsoft.com/?id=837115
In addition, please disable "Fast Logon" feature for Windows XP to see whether the first logon delay is caused by network delay.
At the same time, please test in Clean Boot to narrow down the cause.
1. Click Start, type "msconfig", press Enter.
2. Switch to Services tab, click Hide all Microsoft services, click Disable all.
3. Switch to Startup tab, click Disable All. Click OK.
4. Restart the client and test.
ASKER
This is the message we get from the Event log:
error 4004
The DNS server was unable to complete directory service enumeration of zone .. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.
error 4015
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
error 4004
The DNS server was unable to complete directory service enumeration of zone .. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.
error 4015
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
Maybe this will help - http://forums.techarena.in/windows-server-help/746986.htm
Make sure DNS server A record is listed in the DNS server. Or this
troubleshooting may help,
Event ID 4004Or Event ID 4015 - The DNS server has encountered a critical
error from the Active Directory. Check that the Active Directory is
functioning properly. ...
http://www.chicagotech.net/troublesh...ventid4004.htm
troubleshooting may help,
Event ID 4004Or Event ID 4015 - The DNS server has encountered a critical
error from the Active Directory. Check that the Active Directory is
functioning properly. ...
http://www.chicagotech.net/troublesh...ventid4004.htm
Maybe this will help:
To ensure proper replication:
1) Find this server's Active Directory replication partners that run the DNS
server.
2) Open DnsManager and connect in turn to each of the replication partners.
3) On each server, check the host (A record) registration for THIS server.
4) Delete any A records that do NOT correspond to IP addresses of this
server.
5) If there are no A records for this server, add at least one A record
corresponding to an address on this server, that the replication partner can
contact. (In other words, if there multiple IP addresses for this DNS
server, add at least one that is on the same network as the Active Directory
DNS server you are updating.)
6) Note, that is not necessary to update EVERY replication partner. It is
only necessary that the records are fixed up on enough replication partners
so that every server that replicates with this server will receive (through
replication) the new data.
http://forums.techarena.in/windows-server-help/552535.htm
To ensure proper replication:
1) Find this server's Active Directory replication partners that run the DNS
server.
2) Open DnsManager and connect in turn to each of the replication partners.
3) On each server, check the host (A record) registration for THIS server.
4) Delete any A records that do NOT correspond to IP addresses of this
server.
5) If there are no A records for this server, add at least one A record
corresponding to an address on this server, that the replication partner can
contact. (In other words, if there multiple IP addresses for this DNS
server, add at least one that is on the same network as the Active Directory
DNS server you are updating.)
6) Note, that is not necessary to update EVERY replication partner. It is
only necessary that the records are fixed up on enough replication partners
so that every server that replicates with this server will receive (through
replication) the new data.
http://forums.techarena.in/windows-server-help/552535.htm
ASKER
We don't have a local DNS server configured. We share a physical network with another domain which in turn provides us with the DNS addresses. We have nothing to replicate. What do you do in this instance?
So then do you have a trust setup with this other domain? If so, is it running correctly?
ASKER
How can I check?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Does anybody know where the DNS A file is located?
Maybe this will help - https://msmvps.com/blogs/kwsupport/archive/2004/10/23/16537.aspx
It is talking about the Host (A) record in the forward lookup zone.
ASKER
Did not give me more details about fixing this problem.