Unable to connect to the NETLOGON share! Server 2008

Hi All:

Prove your stock!

This is my DCDIAG /fix report.  How can I repair this?  (See Below for other reports)

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.SERVER NAME>dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = SERVER NAME
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SERVER NAME
      Starting test: Connectivity
         ......................... SERVER NAME passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER NAME
      Starting test: Advertising
         ......................... SERVER NAME passed test Advertising
      Starting test: FrsEvent
         There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL replication problems
         may cause Group Policy problems.
         ......................... SERVER NAME passed test FrsEvent
      Starting test: DFSREvent
         ......................... SERVER NAME passed test DFSREvent
      Starting test: SysVolCheck
         ......................... SERVER NAME passed test SysVolCheck
      Starting test: KccEvent
         A warning event occurred.  EventID: 0x80000603
            Time Generated: 10/18/2013   22:54:22
            Event String:
            Active Directory Domain Services could not disable the software-based disk write cache on the following hard disk.
         A warning event occurred.  EventID: 0x80000603
            Time Generated: 10/18/2013   22:54:22
            Event String:
            Active Directory Domain Services could not disable the software-based disk write cache on the following hard disk.
         A warning event occurred.  EventID: 0x80000603
            Time Generated: 10/18/2013   22:54:22
            Event String:
            Active Directory Domain Services could not disable the software-based disk write cache on the following hard disk.
         A warning event occurred.  EventID: 0x80000B46
            Time Generated: 10/18/2013   22:54:35
            Event String:
            The security of this directory server can be significantly enhanced by configuring the server to reject SASL (Negotiate,  Kerber
os, NTLM, or Digest) LDAP binds that do not request signing (integrity verification) and LDAP simple binds that  are performed on a cleartex
t (non-SSL/TLS-encrypted) connection.  Even if no clients are using such binds, configuring the server to reject them will improve the secur
ity of this server.
         ......................... SERVER NAME passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... SERVER NAME passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         Warning:  Attribute userAccountControl of SERVER NAME is: 0x82020 = ( PASSWD_NOTREQD | SERVER_TRUST_ACCOUNT | TRUSTED_FOR_DELEGATION )
         Typical setting for a DC is 0x82000 = ( SERVER_TRUST_ACCOUNT | TRUSTED_FOR_DELEGATION )
         This may be affecting replication?
         ......................... SERVER NAME passed test MachineAccount
      Starting test: NCSecDesc
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes In Filtered Set
         access rights for the naming context:
         DC=DomainDnsZones,DC=<domain name>,DC=int
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes In Filtered Set
         access rights for the naming context:
         DC=ForestDnsZones,DC=<domain name>,DC=int
         ......................... SERVER NAME failed test NCSecDesc
      Starting test: NetLogons
         Unable to connect to the NETLOGON share! (\\SERVER NAME\netlogon)
         [SERVER NAME] An net use or LsaPolicy operation failed with error 67, The network name cannot be found..
         ......................... SERVER NAME failed test NetLogons
      Starting test: ObjectsReplicated
         ......................... SERVER NAME passed test ObjectsReplicated
      Starting test: Replications
         ......................... SERVER NAME passed test Replications
      Starting test: RidManager
         ......................... SERVER NAME passed test RidManager
      Starting test: Services
         ......................... SERVER NAME passed test Services
      Starting test: SystemLog
         An error event occurred.  EventID: 0x00000422
            Time Generated: 10/18/2013   22:08:31
            Event String:
            The processing of Group Policy failed. Windows attempted to read the file \\<domain name>.int\sysvol\<domain name>.int\Policies\{31B2F340-016D-11D
2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is r
esolved. This issue may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 10/18/2013   22:13:34
            Event String:
            The processing of Group Policy failed. Windows attempted to read the file \\<domain name>.int\sysvol\<domain name>.int\Policies\{31B2F340-016D-11D
2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is r
esolved. This issue may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 10/18/2013   22:18:35
            Event String:
            The processing of Group Policy failed. Windows attempted to read the file \\<domain name>.int\sysvol\<domain name>.int\Policies\{31B2F340-016D-11D
2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is r
esolved. This issue may be transient and could be caused by one or more of the following:
         A warning event occurred.  EventID: 0x000003F6
            Time Generated: 10/18/2013   22:21:38
            Event String: Name resolution for the name <domain name>.int timed out after none of the configured DNS servers responded.
         A warning event occurred.  EventID: 0x000003F6
            Time Generated: 10/18/2013   22:21:43
            Event String: Name resolution for the name <domain name>.int timed out after none of the configured DNS servers responded.
         An error event occurred.  EventID: 0x00000422
            Time Generated: 10/18/2013   22:23:36
            Event String:
            The processing of Group Policy failed. Windows attempted to read the file \\<domain name>.int\sysvol\<domain name>.int\Policies\{31B2F340-016D-11D
2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is r
esolved. This issue may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 10/18/2013   22:28:36
            Event String:
            The processing of Group Policy failed. Windows attempted to read the file \\<domain name>.int\sysvol\<domain name>.int\Policies\{31B2F340-016D-11D
2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is r
esolved. This issue may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x0000164A
            Time Generated: 10/18/2013   22:29:50
            Event String:
            The Netlogon service could not create server share D:\Windows\SYSVOL\sysvol\<domain name>.int\SCRIPTS.  The following error occurred:
         A warning event occurred.  EventID: 0x00001695
            Time Generated: 10/18/2013   22:30:28
            Event String:
            Dynamic registration or deletion of one or more DNS records associated with DNS domain '<domain name>.int.' failed.  These records are us
ed by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP ser
ver (if the specified domain is an application partition).
         A warning event occurred.  EventID: 0x00001695
            Time Generated: 10/18/2013   22:30:28
            Event String:
            Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.<domain name>.int.' failed.  These
 records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or
 as an LDAP server (if the specified domain is an application partition).
         A warning event occurred.  EventID: 0x00001695
            Time Generated: 10/18/2013   22:30:29
            Event String:
            Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.<domain name>.int.' failed.  These
 records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or
 as an LDAP server (if the specified domain is an application partition).
         An error event occurred.  EventID: 0x00000422
            Time Generated: 10/18/2013   22:33:39
            Event String:
            The processing of Group Policy failed. Windows attempted to read the file \\<domain name>.int\sysvol\<domain name>.int\Policies\{31B2F340-016D-11D
2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is r
esolved. This issue may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 10/18/2013   22:38:42
            Event String:
            The processing of Group Policy failed. Windows attempted to read the file \\<domain name>.int\sysvol\<domain name>.int\Policies\{31B2F340-016D-11D
2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is r
esolved. This issue may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 10/18/2013   22:43:43
            Event String:
            The processing of Group Policy failed. Windows attempted to read the file \\<domain name>.int\sysvol\<domain name>.int\Policies\{31B2F340-016D-11D
2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is r
esolved. This issue may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 10/18/2013   22:44:04
            Event String:
            The processing of Group Policy failed. Windows attempted to read the file \\<domain name>.int\sysvol\<domain name>.int\Policies\{31B2F340-016D-11D
2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is r
esolved. This issue may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 10/18/2013   22:48:46
            Event String:
            The processing of Group Policy failed. Windows attempted to read the file \\<domain name>.int\sysvol\<domain name>.int\Policies\{31B2F340-016D-11D
2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is r
esolved. This issue may be transient and could be caused by one or more of the following:
         A warning event occurred.  EventID: 0x80040020
            Time Generated: 10/18/2013   22:54:22
            Event String: The driver detected that the device \Device\Harddisk0\DR0 has its write cache enabled. Data corruption may occur.
         A warning event occurred.  EventID: 0x80040020
            Time Generated: 10/18/2013   22:54:22
            Event String: The driver detected that the device \Device\Harddisk0\DR0 has its write cache enabled. Data corruption may occur.
         A warning event occurred.  EventID: 0x80040020
            Time Generated: 10/18/2013   22:54:22
            Event String: The driver detected that the device \Device\Harddisk0\DR0 has its write cache enabled. Data corruption may occur.
         A warning event occurred.  EventID: 0x8000001D
            Time Generated: 10/18/2013   22:54:29
            Event String:
            The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could
not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the exi
sting KDC certificate using certutil.exe or enroll for a new KDC certificate.
         A warning event occurred.  EventID: 0x000003F6
            Time Generated: 10/18/2013   22:54:28
            Event String:
            Name resolution for the name _ldap._tcp.dc._msdcs.<domain name>.int timed out after none of the configured DNS servers responded.
         An error event occurred.  EventID: 0x0000164A
            Time Generated: 10/18/2013   22:54:41
            Event String:
            The Netlogon service could not create server share D:\Windows\SYSVOL\sysvol\<domain name>.int\SCRIPTS.  The following error occurred:
         An error event occurred.  EventID: 0x0000041F
            Time Generated: 10/18/2013   22:54:43
            Event String:
            The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the f
ollowing:
         An error event occurred.  EventID: 0xC0001B81
            Time Generated: 10/18/2013   22:54:46
            Event String:
            The ChargeItPro Server service was unable to log on as SERVER NAME\cip2 with the currently configured password due to the following
 error:
         An error event occurred.  EventID: 0xC0001B58
            Time Generated: 10/18/2013   22:54:46
            Event String: The ChargeItPro Server service failed to start due to the following error:
         A warning event occurred.  EventID: 0x00002724
            Time Generated: 10/18/2013   22:55:04
            Event String:
            This computer has at least one dynamically assigned IPv6 address.For reliable DHCPv6 server operation, you should use only stati
c IPv6 addresses.
         An error event occurred.  EventID: 0xC0002720
            Time Generated: 10/18/2013   22:56:32
            Event String:
            The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
         A warning event occurred.  EventID: 0x000727AA
            Time Generated: 10/18/2013   22:57:43
            Event String: The WinRM service failed to create the following SPNs: WSMAN/SERVER NAME.<domain name>.int; WSMAN/SERVER NAME.
         An error event occurred.  EventID: 0x00000422
            Time Generated: 10/18/2013   22:59:46
            Event String:
            The processing of Group Policy failed. Windows attempted to read the file \\<domain name>.int\sysvol\<domain name>.int\Policies\{31B2F340-016D-11D
2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is r
esolved. This issue may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000422
            Time Generated: 10/18/2013   23:03:27
            Event String:
            The processing of Group Policy failed. Windows attempted to read the file \\<domain name>.int\sysvol\<domain name>.int\Policies\{31B2F340-016D-11D
2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is r
esolved. This issue may be transient and could be caused by one or more of the following:
         An error event occurred.  EventID: 0x00000457
            Time Generated: 10/18/2013   23:03:29
            Event String:
            Driver HP Officejet 4500 G510g-m required for printer HP Officejet 4500 G510g-m (Copy 1) is unknown. Contact the administrator t
o install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 10/18/2013   23:03:30
            Event String:
            Driver HP Officejet 4500 G510g-m required for printer HP Officejet 4500 G510g-m is unknown. Contact the administrator to install
 the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 10/18/2013   23:03:32
            Event String:
            Driver HP Officejet 4500 G510g-m fax required for printer HP Officejet 4500 G510g-m (Copy 1) fax is unknown. Contact the adminis
trator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 10/18/2013   23:03:33
            Event String:
            Driver HP Photosmart 2570 series required for printer HP Photosmart 2570 series is unknown. Contact the administrator to install
 the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 10/18/2013   23:03:38
            Event String:
            Driver Send To Microsoft OneNote 2010 Driver required for printer Send To OneNote 2010 is unknown. Contact the administrator to
install the driver before you log in again.
         An error event occurred.  EventID: 0x00000422
            Time Generated: 10/18/2013   23:04:49
            Event String:
            The processing of Group Policy failed. Windows attempted to read the file \\<domain name>.int\sysvol\<domain name>.int\Policies\{31B2F340-016D-11D
2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is r
esolved. This issue may be transient and could be caused by one or more of the following:
         ......................... SERVER NAME failed test SystemLog
      Starting test: VerifyReferences
         ......................... SERVER NAME passed test VerifyReferences


   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : <domain name>
      Starting test: CheckSDRefDom
         ......................... <domain name> passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... <domain name> passed test CrossRefValidation

   Running enterprise tests on : <domain name>.int
      Starting test: LocatorCheck
         ......................... <domain name>.int passed test LocatorCheck
      Starting test: Intersite
         ......................... <domain name>.int passed test Intersite

C:\Users\administrator.SERVER NAME>

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Here is my netdom query FSMO Report:

C:\Users\administrator.domain>netdom query FSMO
Schema master                                 myserver.domain.com
Domain naming master                    myserver.domain.com
PDC                                                   myserver.domain.com
RID pool manager                                myserver.domain.com
Infrastructure master                           myserver.domain.com
The command completed successfully.
timarnold000Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

DhananjayTechnical ConsultantCommented:
Make sure you are able to access your sysvol and netlogon folder and check the ntfs permission assign on the folder.

Run the command net share to check you sysvol and netlogon folder share or not .

You can reinitialize the sysvol and netlogon folder to resolve your issue. Before perform the activity take backup of sysvol folder.

To reinitialize folder refer below link :

http://support.microsoft.com/kb/316790

http://support.microsoft.com/kb/315457
0
David Paris VicenteSystems and Comunications  Administrator Commented:
Can you do a net view \\machinename.domainname
Can you post repadmin /showrepl * /errorsonly and post?

Do you have any netlogon, DNS, replications and drectory services errors on event viewer domain controller?

Can you confirm that the policy name exists on the: \\machinename\SYSVOL\domain\Policies
0
snusgubbenCommented:
Is SYSVOL shared? \\dcname\sysvol

If SYSVOL is shared but NETLOGON is not:

http://support.microsoft.com/kb/947022/en-us
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

SandeshdubeySenior Server EngineerCommented:
UserAccountControl of DC  as it is incorrect you need to set it to 532480 from adsiedit.
http://social.technet.microsoft.com/Forums/windowsserver/en-US/057d3dc5-9f3d-4078-8957-25a2912fa3af/0x82000-servertrustaccount-trustedfordelegation-and-home-server-initial-setup-entry-in?forum=winserverDS

Also the netlogon share is missing,Check the sysvol and netlogon share are available or not.Ran net share command to check the same.

Check the sysvol folder are the policies and script folder replicated or not.If it is not replicated you need to perfromnon authorative of sysvol folder to fix the same.

On the server where sysvol is missing perform d2 non authorative restore of sysvol:http://support.microsoft.com/kb/290762

Hope this helps
0
timarnold000Author Commented:
1. Able to access shares across network
2. SQL server functions across network
3. Able to see sysvol share and netlogon

Repadmin /showrepl:

Repadmin: running command /showrepl against full DC localhost
Default-First-Site-Name\servername
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 7638e21e-a9c7-4db9-85e9-2422f5aee5b8
DSA invocationID: c75310d7-b646-4be4-8212-671a6d4ecb40

:::::::::::::::::::::::::::::::::::::::::
netdom query fmso:

Schema master                    servername.serverdomain.com
Domain naming master             servername.serverdomain.com
PDC                                     servername.serverdomain.com
RID pool manager                  servername.serverdomain.com
Infrastructure master             servername.serverdomain.com
The command completed successfully.

:::::::::::::::::::::::::
Net share:
Share name   Resource                        Remark

-------------------------------------------------------------------------------
ADMIN$       C:\Windows                      Remote Admin
IPC$                                                     Remote IPC
SYSVOL$     D:\Windows\SYSVOL
shared        D:\shared
SYSVOL       D:\Windows\SYSVOL\sysvol        Logon server share
The command completed successfully.
0
timarnold000Author Commented:
@Sandeshdubey:
how to set adsiedit to 532480

Important:
I only have one server in this network.  Second DC is dead.

In your first link I opened it up and looked for the 1up on the solution.  I click on both links and apparently the owners deleted or killed the servers hosting the solutions.
0
timarnold000Author Commented:
links on this page don't work.  It appears NETLOGON share is very relevant.  There is none!  How to repair? Again links above don't work to rebuild netlogon.  But helpful in getting closer to resolution.
0
timarnold000Author Commented:
The next question is:  How to rebuild NETLOGON, if server is nolonger part of the network?
0
David Paris VicenteSystems and Comunications  Administrator Commented:
Take a look here and see if helps -> Rebuild Sysvol

You also have a lot of errors on DNS reported by DCdiag you should also try to fix that.
0
SandeshdubeySenior Server EngineerCommented:
You need to first verify that script folder is present in sysvol folder Location - %SystemRoot%\sysvol\sysvol\<domain DNS name>\scripts).If not present create the same and then perform authorative restore of sysvol (d4).http://support.microsoft.com/kb/290762

As sysvol share is present you can also follow this :http://support.microsoft.com/kb/947022

If the old DC is dead and if the instances of server is present you need to perfrom metadata cleanup:http://sandeshdubey.wordpress.com/2011/10/12/metadata-cleanup-of-a-domain-controller/

Regarding the UserAccountControl of DC  to set it to 532480 see this KB(method 4):http://support.microsoft.com/kb/837513

Hope this helps
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
timarnold000Author Commented:
The folder location was not there for share.  I simply recreated the netlogon share by going to the location sandeshubey stated and did a authorative restore on sysvol.  Error went away on system.  I also had to create the domain name as it went sysvol -> scripts, everything else in that folder.  and DNS was pointing to sysvol --> domain name --> scripts etc... After resolving path... System works!  

Thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.