?
Solved

Messenger Service

Posted on 2011-09-14
11
Medium Priority
?
362 Views
Last Modified: 2012-05-12
When I turn on the Messenger Service on my computer, I started receiving the following something like this:

Message from ONESERVER to XPUSER on 9/14/2011 07:00:01 AM
From:  NETLOGON at \\ONESERVER
To:  ME XPUSER
Subj:  ** ADMINISTRATOR ALERT **
Date:  9/14/2011 07:00:01 AM
The session setup to the Windows NT or Windows 2000 Domain Controller <Unknown> for the domain ANOTHERDOMAIN failed because the Domain Controller does not have an account for the computer ONESERVER.

To explain further: The "ONESERVER" (Win2000) is one of the domain controllers of "ONEDOMAIN" name.   The "ANOTHERDOMAIN" is another domain name and has nothing to do with ONESERVER.  ANOTHERDOMAIN's primary domain controller is running on Win2003 SBS version; so why is ONESERVER complaining to the XPUSER using XPUSER's Messenger service?
 
0
Comment
Question by:grazal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
11 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 36540328
Though the message appears to be direct to the XP machine/user it is likely a broadcast message to all machines.
0
 

Author Comment

by:grazal
ID: 36543674
how do you avoid it?
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 36543854
Turn off messaging :-) it has been eliminated in newer O/S's and is considered a security threat.
Alternatively review the event logs on the 2000 DC and see if you can find out what is generating the message/alert.
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 

Author Comment

by:grazal
ID: 36544675
Here is the Event Log on the "ANOTHERDOMAIN.local" Wind2003 SBS version:

Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ANOTHERDOMAIN.local.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  
Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  
USER ACTION  
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.

And Here is the Event Log on the Win2000:
The session setup to the Windows NT or Windows 2000 Domain Controller <Unknown> for the domain ANOTHERDOMAIN failed because the Domain Controller does not have an account for the computer ONESERVER.

I checked both their DNS and WINS under TCP/IP and they are both using the same setup and both DNS and WINS are legit.    Please suggest what else can I do stop both my servers from complaining...

0
 

Author Comment

by:grazal
ID: 36544872
Another thing I found out is that although ANOTHERDOMAIN.local server/computer can ping most users/computers of the ONESERVER domain.  Although ONESERVER domain computers and its users are able to map and connect to ANOTHERDOMAIN.local computer, the ANOTHERDOMAIN.local server/computer cannot map nor cannot connect to any other computers/drives (although it can ping them)....
0
 

Author Comment

by:grazal
ID: 36544941
Sorry, I have a correction on the Event Log for the ANOTHERDOMAIN.local Event Log above.  The first sentence should read as follows:

"Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.ANOTHERDOMAIN.local.' failed."
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 1000 total points
ID: 36545084
After re-reading the original message, I asssume the anotherdomain server makes connections to the oneserver for file shares or similar reasons. The message is becasue the server is not part of the domain. You likly cannot disable that message, unless you want to create trusts between the two domains.
0
 

Author Comment

by:grazal
ID: 36545652
In line with your assumption, yes, the ANOTHERDOMAIN server is currently mapped to several computers under ONESERVER domain (all shown as "Disconnected Network Drive" with red icon) -- and when you double click any of them, they now fail to connect.

Background info:  A couple of weeks ago, we created ONESERVER Win2000/2003)active directory domain as our primary DC connecting all our users and computers to this domain except for the ANOTHERDOMAIN running on Win2003 SBS version.  That's when I believe the warning messages started to pop-up.    We tried to make the ANOTHERDOMAIN become a member of the ONESERVER domain but failed because due to the the nature of the Windows 2003 SBS, it wants to remain the primary domain controller.  Also, the third party application database failed to run on this ANOTHERDOMAIN server, so luckily we were able to restore it back using the ghosted copy.

Now, do you think that if I disconnect the networkd drive mappings used by ANOTHERDOMAIN, the messages would stop?  OR is it possible to create trust with the other DCs without stepping on each others' toes?
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 36546462
I don't understand why you would create a new domain with a 2000 server. There is no support for it any longer, thus no security updates either. Regardless unless there is a reason you have to maintain two domains, I would update the schema on th 200 server, DCpromo the anotherdomain server to demote is as a DC, join it to the 2000 domain, and then run DCPromo again to join it to the new domain.
0
 

Assisted Solution

by:grazal
grazal earned 0 total points
ID: 36904634
You may be right about creating trusts between the two dc domains but cannot be done because win 2003 SBS version has limitations establishing trusts ---only wants to do forest trust and cannot do external trusts.  Then we would have to convert from native 2000 to 2003 which is irreversible.   Too much risk!   We decided we just have to live with our current situation.  Plus, you cannot demote and then join the Win 2003 SBS to other domain because it does not allow it.  Win 2003 SBS wants/needs to be the primary domain contoller (it's built that way) and we cannot let that happen.  

Anyway, thank you for your time spent...that's where the points are awarded...

Please close and please reward Robwill 250 points.....
0
 

Author Closing Comment

by:grazal
ID: 37181713
not a complete solution
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question