Link to home
Start Free TrialLog in
Avatar of srulison

asked on

Windos 2003 Domain suddenly stopped communicating with all other hosts on the network.

I recently re setup a Windows 2003 SP2 domain controller last week because it crashed a week earlier.  As of last Friday it seemed to be working okay but when I came in this morning, none of the PCs on our network could get logged on.  To be accurate, they to get to the desktop but the logon script does not run.  From the server, I am not able to ping anything on the network even though the network card appears to be properly functioning.

We have been getting some error messages in the event logs which I have listed below.  I am not asking for a solution to every one of these messages but I provided them  in hope that they would provide a clue as tio why the server is not able to ping or communicate with any other device on the network.

Please, we are in desperate need of getthing this problem resolved.

The following is a list of error messages from the domain controller event viewer.

Event Source: MRxSmb  Event ID:8003
The master browser received an announcement from the computer /computer name/ that believes it is the master browser . . etc.  
I believe that I resolved this issue by turing off the computer browser service on the domain controller and leaving it our the ISA firewall server.

Event Source: Userenv  Event ID: 1030
Windows cannot query for a list of Group Policy objects.  Check the event log for possible messages previously logged by the policy engine.

I could not find any events that had policy engine as the source.  I don't know how else I could check for it.

Event Source: LSASRV   Event ID: 40960
The Security system detected an authentication error for the server ldap/server name.domain name.  The failure code from the authentication protocol kerberous was "There are currently no logon servers available to service logon requested.

I am at a loss on how to resolve this issue.
Avatar of Alan_White
Flag of United Kingdom of Great Britain and Northern Ireland image

Start with the basics.  

Can you ping the local address?
Can you ping the gateway?
Have you checked the cabling / link lights?
Might be worht trying the following IP Sec fix which I have had to use several times on 2003 servers.  Note that on the servers that had the problem, i was NOT using IP Sec, it just became corrupt and wrecked the TCPIP stack.
Avatar of srulison


To Allen White,  I can ping the local address from the DC but I am not able to ping the gateway.  When I look at the connection, I see plenty of packets on the sent side but zero on the received side.   I checked the cabling and it seemed to be in good working order.  I even switched to another network card on the server and configured it with the same IP settings, after I removed the setting from the other card of course, to no avail.  Another thing to note, This server also functions as a DHCP server but it would not configure its own network cards.  

I went through the process of resetting the IPSEC as you suggested.  I believe that I entered everything correctly as I did not received any errors when I submitted the commands but is still didn't fix the problem.

Here is another message in the event log that relates to the group policies.

Under the Application event log, Source = Userenv and Event ID = 1058  the message reads,

Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04F9}, CN = Policies, CN = System, DC = PTAB, DC=IL, DC=US.  The file must be present at the location <\\ptab\\sysvol\\Policies\{31B2F340-016D-945F-00C04FB984F9} gpt.ini.  Configuration information could not be read from the domain controller, either because the machine is unavailable, or access has been denied.  Group Policy processing has been aborted.
Avatar of Alan_White
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
After I received your last post I went into the server room and replaced the path cable and connected the server to a different port on the switch and Whooloa it worked!  I was having so many issues with the actual server lately, I just didn't even consider that it may be a totally different component on the network that was having the issue.

FYI I did reboot the server two times after I did the IPSEC reset.

Thank you so much for your help.  It started out a dismal day but it's looking much better now.
Brilliant. Well done.