[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 368
  • Last Modified:

Messenger Service

When I turn on the Messenger Service on my computer, I started receiving the following something like this:

Message from ONESERVER to XPUSER on 9/14/2011 07:00:01 AM
From:  NETLOGON at \\ONESERVER
To:  ME XPUSER
Subj:  ** ADMINISTRATOR ALERT **
Date:  9/14/2011 07:00:01 AM
The session setup to the Windows NT or Windows 2000 Domain Controller <Unknown> for the domain ANOTHERDOMAIN failed because the Domain Controller does not have an account for the computer ONESERVER.

To explain further: The "ONESERVER" (Win2000) is one of the domain controllers of "ONEDOMAIN" name.   The "ANOTHERDOMAIN" is another domain name and has nothing to do with ONESERVER.  ANOTHERDOMAIN's primary domain controller is running on Win2003 SBS version; so why is ONESERVER complaining to the XPUSER using XPUSER's Messenger service?
 
0
grazal
Asked:
grazal
  • 7
  • 4
2 Solutions
 
Rob WilliamsCommented:
Though the message appears to be direct to the XP machine/user it is likely a broadcast message to all machines.
0
 
grazalAuthor Commented:
how do you avoid it?
0
 
Rob WilliamsCommented:
Turn off messaging :-) it has been eliminated in newer O/S's and is considered a security threat.
Alternatively review the event logs on the 2000 DC and see if you can find out what is generating the message/alert.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
grazalAuthor Commented:
Here is the Event Log on the "ANOTHERDOMAIN.local" Wind2003 SBS version:

Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ANOTHERDOMAIN.local.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  
Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  
USER ACTION  
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.

And Here is the Event Log on the Win2000:
The session setup to the Windows NT or Windows 2000 Domain Controller <Unknown> for the domain ANOTHERDOMAIN failed because the Domain Controller does not have an account for the computer ONESERVER.

I checked both their DNS and WINS under TCP/IP and they are both using the same setup and both DNS and WINS are legit.    Please suggest what else can I do stop both my servers from complaining...

0
 
grazalAuthor Commented:
Another thing I found out is that although ANOTHERDOMAIN.local server/computer can ping most users/computers of the ONESERVER domain.  Although ONESERVER domain computers and its users are able to map and connect to ANOTHERDOMAIN.local computer, the ANOTHERDOMAIN.local server/computer cannot map nor cannot connect to any other computers/drives (although it can ping them)....
0
 
grazalAuthor Commented:
Sorry, I have a correction on the Event Log for the ANOTHERDOMAIN.local Event Log above.  The first sentence should read as follows:

"Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.ANOTHERDOMAIN.local.' failed."
0
 
Rob WilliamsCommented:
After re-reading the original message, I asssume the anotherdomain server makes connections to the oneserver for file shares or similar reasons. The message is becasue the server is not part of the domain. You likly cannot disable that message, unless you want to create trusts between the two domains.
0
 
grazalAuthor Commented:
In line with your assumption, yes, the ANOTHERDOMAIN server is currently mapped to several computers under ONESERVER domain (all shown as "Disconnected Network Drive" with red icon) -- and when you double click any of them, they now fail to connect.

Background info:  A couple of weeks ago, we created ONESERVER Win2000/2003)active directory domain as our primary DC connecting all our users and computers to this domain except for the ANOTHERDOMAIN running on Win2003 SBS version.  That's when I believe the warning messages started to pop-up.    We tried to make the ANOTHERDOMAIN become a member of the ONESERVER domain but failed because due to the the nature of the Windows 2003 SBS, it wants to remain the primary domain controller.  Also, the third party application database failed to run on this ANOTHERDOMAIN server, so luckily we were able to restore it back using the ghosted copy.

Now, do you think that if I disconnect the networkd drive mappings used by ANOTHERDOMAIN, the messages would stop?  OR is it possible to create trust with the other DCs without stepping on each others' toes?
0
 
Rob WilliamsCommented:
I don't understand why you would create a new domain with a 2000 server. There is no support for it any longer, thus no security updates either. Regardless unless there is a reason you have to maintain two domains, I would update the schema on th 200 server, DCpromo the anotherdomain server to demote is as a DC, join it to the 2000 domain, and then run DCPromo again to join it to the new domain.
0
 
grazalAuthor Commented:
You may be right about creating trusts between the two dc domains but cannot be done because win 2003 SBS version has limitations establishing trusts ---only wants to do forest trust and cannot do external trusts.  Then we would have to convert from native 2000 to 2003 which is irreversible.   Too much risk!   We decided we just have to live with our current situation.  Plus, you cannot demote and then join the Win 2003 SBS to other domain because it does not allow it.  Win 2003 SBS wants/needs to be the primary domain contoller (it's built that way) and we cannot let that happen.  

Anyway, thank you for your time spent...that's where the points are awarded...

Please close and please reward Robwill 250 points.....
0
 
grazalAuthor Commented:
not a complete solution
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 7
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now