Solved

Messenger Service

Posted on 2011-09-14
11
354 Views
Last Modified: 2012-05-12
When I turn on the Messenger Service on my computer, I started receiving the following something like this:

Message from ONESERVER to XPUSER on 9/14/2011 07:00:01 AM
From:  NETLOGON at \\ONESERVER
To:  ME XPUSER
Subj:  ** ADMINISTRATOR ALERT **
Date:  9/14/2011 07:00:01 AM
The session setup to the Windows NT or Windows 2000 Domain Controller <Unknown> for the domain ANOTHERDOMAIN failed because the Domain Controller does not have an account for the computer ONESERVER.

To explain further: The "ONESERVER" (Win2000) is one of the domain controllers of "ONEDOMAIN" name.   The "ANOTHERDOMAIN" is another domain name and has nothing to do with ONESERVER.  ANOTHERDOMAIN's primary domain controller is running on Win2003 SBS version; so why is ONESERVER complaining to the XPUSER using XPUSER's Messenger service?
 
0
Comment
Question by:grazal
  • 7
  • 4
11 Comments
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Though the message appears to be direct to the XP machine/user it is likely a broadcast message to all machines.
0
 

Author Comment

by:grazal
Comment Utility
how do you avoid it?
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Turn off messaging :-) it has been eliminated in newer O/S's and is considered a security threat.
Alternatively review the event logs on the 2000 DC and see if you can find out what is generating the message/alert.
0
 

Author Comment

by:grazal
Comment Utility
Here is the Event Log on the "ANOTHERDOMAIN.local" Wind2003 SBS version:

Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ANOTHERDOMAIN.local.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  
Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  
USER ACTION  
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.

And Here is the Event Log on the Win2000:
The session setup to the Windows NT or Windows 2000 Domain Controller <Unknown> for the domain ANOTHERDOMAIN failed because the Domain Controller does not have an account for the computer ONESERVER.

I checked both their DNS and WINS under TCP/IP and they are both using the same setup and both DNS and WINS are legit.    Please suggest what else can I do stop both my servers from complaining...

0
 

Author Comment

by:grazal
Comment Utility
Another thing I found out is that although ANOTHERDOMAIN.local server/computer can ping most users/computers of the ONESERVER domain.  Although ONESERVER domain computers and its users are able to map and connect to ANOTHERDOMAIN.local computer, the ANOTHERDOMAIN.local server/computer cannot map nor cannot connect to any other computers/drives (although it can ping them)....
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:grazal
Comment Utility
Sorry, I have a correction on the Event Log for the ANOTHERDOMAIN.local Event Log above.  The first sentence should read as follows:

"Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.ANOTHERDOMAIN.local.' failed."
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 250 total points
Comment Utility
After re-reading the original message, I asssume the anotherdomain server makes connections to the oneserver for file shares or similar reasons. The message is becasue the server is not part of the domain. You likly cannot disable that message, unless you want to create trusts between the two domains.
0
 

Author Comment

by:grazal
Comment Utility
In line with your assumption, yes, the ANOTHERDOMAIN server is currently mapped to several computers under ONESERVER domain (all shown as "Disconnected Network Drive" with red icon) -- and when you double click any of them, they now fail to connect.

Background info:  A couple of weeks ago, we created ONESERVER Win2000/2003)active directory domain as our primary DC connecting all our users and computers to this domain except for the ANOTHERDOMAIN running on Win2003 SBS version.  That's when I believe the warning messages started to pop-up.    We tried to make the ANOTHERDOMAIN become a member of the ONESERVER domain but failed because due to the the nature of the Windows 2003 SBS, it wants to remain the primary domain controller.  Also, the third party application database failed to run on this ANOTHERDOMAIN server, so luckily we were able to restore it back using the ghosted copy.

Now, do you think that if I disconnect the networkd drive mappings used by ANOTHERDOMAIN, the messages would stop?  OR is it possible to create trust with the other DCs without stepping on each others' toes?
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
I don't understand why you would create a new domain with a 2000 server. There is no support for it any longer, thus no security updates either. Regardless unless there is a reason you have to maintain two domains, I would update the schema on th 200 server, DCpromo the anotherdomain server to demote is as a DC, join it to the 2000 domain, and then run DCPromo again to join it to the new domain.
0
 

Assisted Solution

by:grazal
grazal earned 0 total points
Comment Utility
You may be right about creating trusts between the two dc domains but cannot be done because win 2003 SBS version has limitations establishing trusts ---only wants to do forest trust and cannot do external trusts.  Then we would have to convert from native 2000 to 2003 which is irreversible.   Too much risk!   We decided we just have to live with our current situation.  Plus, you cannot demote and then join the Win 2003 SBS to other domain because it does not allow it.  Win 2003 SBS wants/needs to be the primary domain contoller (it's built that way) and we cannot let that happen.  

Anyway, thank you for your time spent...that's where the points are awarded...

Please close and please reward Robwill 250 points.....
0
 

Author Closing Comment

by:grazal
Comment Utility
not a complete solution
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
Synchronize a new Active Directory domain with an existing Office 365 tenant
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now