For a couple of days my server was down due to a hardware failure. After I fixed the problem and I put the server back online I noticed a problem with the workstations: after login Windows popped up a balloon warning that “Could not reconnect all network drives”
All the drives I had mapped to Samba shares on my Infrant ReadyNAS system were now inaccessible, and they were showing disconnected in Windows Explorer.
Double clicking the shares in Windows Explorer was displaying a logon prompt with the following error “The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you”.
Typing correct credentials was useless. The dialog just came back. Canceling the dialog was going through 2 more logon prompts and displaying a message listing all personal certificates on the machine. Needless to say, those were certificates for another domain and logon eventually failed.
I deleted the disconnected mapped drives and I was able to recreate them without problems and everything was fine again. Until the first reboot, that is. And then again, network drives were disconnected and “The system detected a possible attempt to compromise security” was back. :-(
Initially I thought Windows may have installed some update in the last week that strengthened the security settings and breaking network shares to old Linux boxes (It wouldn’t have been the first time). But that wasn’t the case.
I checked access to the domain controller server. It was fine, I could ping it by its Wins name (SOL), by its fully qualified domain name (sol.constantin.comcast.net), by it’s IP address (192.168.0.2), I could access the network shares on the server, etc. So, server being inaccessible didn’t seem to be the problem.
I looked then in the System Event Log to see if any problems were logged. There were lots of errors like these:
- Time-Service event ID 129: “NtpClient was unable to set a domain peer to use as a time source because of discovery error. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The entry is not found. (0x800706E1)”
- GroupPolicy event ID 1129 “The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator”. with error code 1222 - "The network is not present or not started."
- Netlogon 5719: “ This computer was not able to set up a secure session with a domain controller in domain CONSTANTIN due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.”
Eventually I rebooted the computer once more, and this time I got two different event types:
- GroupPolicy event ID 1055: “The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).”(and a similar event 1053 for “The processing of Group Policy failed. Windows could not resolve the user name”)
Searching the net for this one proved to be successful. I found this Microsoft support page, which indicated to look for an additional error code in Event Details tab. In my case the error code was 1355 “The specified domain either does not exist or could not be contacted.”. The support page instructed further to “Use nslookup to confirm you can resolve addresses of the domain controllers in the user domain.”
Sure enough, the DNS server was not able to resolve the name of the domain server computer…
And then it hit me what was wrong. The DNS server I was using was the Wi-Fi router (192.168.0.1), a Netgear/Linux box. This was not able to provide DNS entries correctly for the local network computers, despite them being configured with static addresses. :-( It was my fault, too – I had set the router as preferred DNS when the DC server was down due to the hardware failure…
So, I went to Control Panel\Network and Sharing Center, clicked on LocalAreaConnection, Properties, selected “Internet Protocol Version 4”, clicked Properties, and switched the Preferred/Alternate DNS Severs to use the domain controller (192.168.0.2) as the Preferred DNS server.
Now I was able to resolve correctly the name of the Domain Controller, and I was able to access the network shares without problem again…
If you reached this point and you’re asking why I told you all this, it’s because 12 months from now when I may hit again the same problem with the network shares it’s likely I won’t remember it may be due to an innocent switch of the DNS servers. Having it documented in the blog will help me remember. I hope if you searched and reached this article, it might help you too….
3 comments:
Thankyou good sir, i had a simular problem with the server local loop back address being listed as the primary DNS on the DC server. By changing this to the ip address of the server resolved my issue, but im at odds why the loop back doesnt work?
The same problem we have facing but we are using static ip ,can you have any suggestion,we have all those error,you help is appreciated.
Time-Service event ID 129: “NtpClient was unable to set a domain peer to use as a time source because of discovery error.
GroupPolicy event ID 1129 “The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator”. with error code 1222 - "The network is not present or not started."
Netlogon 5719: “ This computer was not able to set up a secure session with a domain controller in domain vmwarelab due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.”
@Rajeev: I am using static IPs as well (just in the private IP space). You may want to check for a DNS problem as indicated in the article. If it's something else I don't have a solution, you'll have to investigate further...
Post a Comment