Messenger Service

Posted on 2011-09-14
Last Modified: 2012-05-12
When I turn on the Messenger Service on my computer, I started receiving the following something like this:

Message from ONESERVER to XPUSER on 9/14/2011 07:00:01 AM
Date:  9/14/2011 07:00:01 AM
The session setup to the Windows NT or Windows 2000 Domain Controller <Unknown> for the domain ANOTHERDOMAIN failed because the Domain Controller does not have an account for the computer ONESERVER.

To explain further: The "ONESERVER" (Win2000) is one of the domain controllers of "ONEDOMAIN" name.   The "ANOTHERDOMAIN" is another domain name and has nothing to do with ONESERVER.  ANOTHERDOMAIN's primary domain controller is running on Win2003 SBS version; so why is ONESERVER complaining to the XPUSER using XPUSER's Messenger service?
Question by:grazal
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
LVL 77

Expert Comment

by:Rob Williams
ID: 36540328
Though the message appears to be direct to the XP machine/user it is likely a broadcast message to all machines.

Author Comment

ID: 36543674
how do you avoid it?
LVL 77

Expert Comment

by:Rob Williams
ID: 36543854
Turn off messaging :-) it has been eliminated in newer O/S's and is considered a security threat.
Alternatively review the event logs on the 2000 DC and see if you can find out what is generating the message/alert.
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 36544675
Here is the Event Log on the "ANOTHERDOMAIN.local" Wind2003 SBS version:

Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ANOTHERDOMAIN.local.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  
Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.

And Here is the Event Log on the Win2000:
The session setup to the Windows NT or Windows 2000 Domain Controller <Unknown> for the domain ANOTHERDOMAIN failed because the Domain Controller does not have an account for the computer ONESERVER.

I checked both their DNS and WINS under TCP/IP and they are both using the same setup and both DNS and WINS are legit.    Please suggest what else can I do stop both my servers from complaining...


Author Comment

ID: 36544872
Another thing I found out is that although ANOTHERDOMAIN.local server/computer can ping most users/computers of the ONESERVER domain.  Although ONESERVER domain computers and its users are able to map and connect to ANOTHERDOMAIN.local computer, the ANOTHERDOMAIN.local server/computer cannot map nor cannot connect to any other computers/drives (although it can ping them)....

Author Comment

ID: 36544941
Sorry, I have a correction on the Event Log for the ANOTHERDOMAIN.local Event Log above.  The first sentence should read as follows:

"Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.ANOTHERDOMAIN.local.' failed."
LVL 77

Accepted Solution

Rob Williams earned 250 total points
ID: 36545084
After re-reading the original message, I asssume the anotherdomain server makes connections to the oneserver for file shares or similar reasons. The message is becasue the server is not part of the domain. You likly cannot disable that message, unless you want to create trusts between the two domains.

Author Comment

ID: 36545652
In line with your assumption, yes, the ANOTHERDOMAIN server is currently mapped to several computers under ONESERVER domain (all shown as "Disconnected Network Drive" with red icon) -- and when you double click any of them, they now fail to connect.

Background info:  A couple of weeks ago, we created ONESERVER Win2000/2003)active directory domain as our primary DC connecting all our users and computers to this domain except for the ANOTHERDOMAIN running on Win2003 SBS version.  That's when I believe the warning messages started to pop-up.    We tried to make the ANOTHERDOMAIN become a member of the ONESERVER domain but failed because due to the the nature of the Windows 2003 SBS, it wants to remain the primary domain controller.  Also, the third party application database failed to run on this ANOTHERDOMAIN server, so luckily we were able to restore it back using the ghosted copy.

Now, do you think that if I disconnect the networkd drive mappings used by ANOTHERDOMAIN, the messages would stop?  OR is it possible to create trust with the other DCs without stepping on each others' toes?
LVL 77

Expert Comment

by:Rob Williams
ID: 36546462
I don't understand why you would create a new domain with a 2000 server. There is no support for it any longer, thus no security updates either. Regardless unless there is a reason you have to maintain two domains, I would update the schema on th 200 server, DCpromo the anotherdomain server to demote is as a DC, join it to the 2000 domain, and then run DCPromo again to join it to the new domain.

Assisted Solution

grazal earned 0 total points
ID: 36904634
You may be right about creating trusts between the two dc domains but cannot be done because win 2003 SBS version has limitations establishing trusts ---only wants to do forest trust and cannot do external trusts.  Then we would have to convert from native 2000 to 2003 which is irreversible.   Too much risk!   We decided we just have to live with our current situation.  Plus, you cannot demote and then join the Win 2003 SBS to other domain because it does not allow it.  Win 2003 SBS wants/needs to be the primary domain contoller (it's built that way) and we cannot let that happen.  

Anyway, thank you for your time spent...that's where the points are awarded...

Please close and please reward Robwill 250 points.....

Author Closing Comment

ID: 37181713
not a complete solution

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question