Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

xp sp2 with server 2000 3

Status
Not open for further replies.
deik313

deik313

Technical User
Dec 12, 2002
101
US
Hi, can anyone tell me if it is recommended to install SP2 on XP machines that are logging into a 2000 server? I have done this, but have heard now that there can be many problems due to different architectures. I'm having problems, but don't know for sure if it is because of SP2.

Is anyone else out there running XP clients with SP2 installed, logging into a 2000 SP4 server?
 
Sort by date Sort by votes
TECHNOME! This fixed it!!! I did the things you said above, and nslookup shows my DNS server now!!! Thank you, thank you, thank you! Thank you karmic, beerhunter2 and zigcoors, also, for all your suggestions. I did them all, and things are looking much better. I will see now if tomorrow the students are able to login without errors! YAHOOO!
 
Upvote 0 Downvote
Karmic's answer about the reverse lookup zone fixed your nslook problem, I just added my two cents. How did running Dcdiag and netdiag come out?


........................................
Chernobyl disaster..a must see pictorial
 
Upvote 0 Downvote
OH NO!! No more USRENV errors, but now I am getting Netlogon and Auto enrollment errors. Specifically, 5719, 15, and 1053...can't find domain controller, can't find RPC server, enrollment will not be performed. These are not every login, but a few throughout the day.

I am so grateful to you, Karmic, and Technome for all your help on this. What a mess it seems to be!

I noticed that when I put only the IP of the DC on the preferred DNS server of the NIC TCP/IP settings, my server/DC could not get Internet access. I had to put my ISP's DNS as the alternate.

I suspect something is still not quite right. Any ideas on why I'm getting the event errors above on the workstations?
 
Upvote 0 Downvote
Look at this....


"I had to put my ISP's DNS as the alternate."
Something still need correction. Again run dcdiag and netdiag.Do you have the ISPs addresses in the forwarder's list. Do you have a second NIC enabled on your server, disable it. Just curious, in the DNS mmc, under your DNS server, Cached Lookups , are there entries there (is it populating with cached dns entries).

........................................
Chernobyl disaster..a must see pictorial
 
Upvote 0 Downvote
Probably not a mess but some small mis config

Did you stop and start the net logon service at the server.

Sorry I did not read the last line about workstation errors. Still refer to my last post, post any errors from dcdiag and netdiag with the /v switch

Are your DHCP options set, no external ISP adresses should be in the options.
006
015
044, if you have WINS
003

........................................
Chernobyl disaster..a must see pictorial
 
Upvote 0 Downvote
Okay, I could not get DCDIAG to run. It said it couldn't find DsIsMangledDnw. But, I ran NETDIAG. Everything looked okay...can I post those results here? There were a few funny things that I was unsure about. I will keep working on DCDIAG.

In DNS, there are cached lookup entries in both forward and reverse zones. I DO have the ISP's DNS addresses in the forwarders.

In DHCP, I have the scope options set as above (no WINS), but not SERVER options. Should those be set as well?

I will try the fix in the Microsoft article.
 
Upvote 0 Downvote
The DHCP server options are used if you have multiple DHCP scopes, which you want to be affected globally. If you have one scope, your scope options are sufficient.

Sounds like you have the incorrect version of DcDiag. The versions are related to the Sp level.

Only post any errors portions of the commands. Any errors in the event logs ?.

Please post the results from Ipconfig /all, from an offending workstation.

Is IPv6 installed in the local area network properties on the workstations or server, if so uninstall it.

Run nslookup from the offending workstations, is it showing your server, if the alternate DNS server entry, in wks TCP properties is left blank. ?


On the workstations...
"You may be able to work around this problem by disabling the "Media Sensing" feature in Windows. For additional information about how to disable Media Sense, click the following article number to view the article in the Microsoft Knowledge Base:
239924 How to Disable Media Sense for TCP/IP in Windows"

Heard of an odd solution,unlikely but..
Update the wks bios (and network driver)

........................................
Chernobyl disaster..a must see pictorial
 
Upvote 0 Downvote
The first time I ran NETDIAG it showed an error finding my default gateway.
Then, I realized that my firewall was not allowing pings, so I turned that on.
The second time, everything showed "passed".

The results below looked like they could be a problem: (###.###.#.# is one of my ISP's DNS servers...the 2nd alternate); (I changed IP to ###'s and DC name)

----
PASS - All the DNS entries for DC are registered on DNS server '###.###.#.#' (IP for my server).
Check the DNS registration for DCs entries on DNS server '###.###.#.#' (IP for ISP alternate DNS)
Query for DC DNS entry _ldap._tcp.schoolname.local. on DNS server ###.###.#.# failed. (ISP DNS)
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _ldap._tcp.pdc._msdcs.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _ldap._tcp.gc._msdcs.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _ldap._tcp.36d888fa-41ea-443d-be3f-5c2333a53d11.domains._msdcs.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry 6a428c2b-790a-4a5a-8609-e5f71af7adc8._msdcs.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _kerberos._tcp.dc._msdcs.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _ldap._tcp.dc._msdcs.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _kerberos._tcp.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _gc._tcp.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _kerberos._udp.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _kpasswd._tcp.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _kpasswd._udp.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _ldap._tcp.Default-First-Site._sites.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _ldap._tcp.Default-First-Site._sites.gc._msdcs.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _kerberos._tcp.Default-First-Site._sites.dc._msdcs.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _ldap._tcp.Default-First-Site._sites.dc._msdcs.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _kerberos._tcp.Default-First-Site._sites.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry _gc._tcp.Default-First-Site._sites.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
Query for DC DNS entry gc._msdcs.schoolname.local. on DNS server ###.###.#.# failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '###.###.#.#'. Please wait for 30 minutes for DNS server replication.

(ALl the ###'s in this text show the ISP's DNS server)
---------
Everything else looked normal, but here are statistics for some of the protocols.

IP Statistics

Packets Received = 8,697,790
Received Header Errors = 0
Received Address Errors = 1
Datagrams Forwarded = 0
Unknown Protocols Received = 0
Received Packets Discarded = 0
Received Packets Delivered = 8,697,251
Output Requests = 9,444,174
Routing Discards = 0
Discarded Output Packets = 0
Output Packet No Route = 0
Reassembly Required = 1,078
Reassembly Successful = 539
Reassembly Failures = 0
Datagrams successfully fragmented = 599
Datagrams failing fragmentation = 0
Fragments Created = 1,198
Forwarding = 2
Default TTL = 128
Reassembly timeout = 60


TCP Statistics

Active Opens = 9,790
Passive Opens = 46,625
Failed Connection Attempts = 148
Reset Connections = 1,879
Current Connections = 55
Received Segments = 8,384,213
Segment Sent = 9,334,567
Segment Retransmitted = 6,759
Retransmission Timeout Algorithm = vanj
Minimum Retransmission Timeout = 300
Maximum Retransmission Timeout = 240,000
Maximum Number of Connections = -1


UDP Statistics

Datagrams Received = 111,978
No Ports = 164,152
Receive Errors = 1
Datagrams Sent = 53,704


ICMP Statistics

Received Sent
Messages 48,996 48,996
Errors 0 0
Destination Unreachable 30 30
Time Exceeded 0 0
Parameter Problems 0 0
Source Quenchs 0 0
Redirects 0 0
Echos 37,588 37,588
Echo Replies 11,378 11,378
Timestamps 0 0
Timestamp Replies 0 0
Address Masks 0 0
Address Mask Replies 0 0

-----
I wonder what is causing the "failed connection attempts'?

Everything else looked pretty good (I think!) I'm still working on getting a different version of DCDIag. I will post those results when I get them.

Thank you again for your help.
 
Upvote 0 Downvote
Here is the dcdiag results. Doesn't look too good! :)

-------
Domain Controller Diagnosis

Performing initial setup:
* Verifying that the local machine server, is a DC.
* Connecting to directory service on server server.
* Collecting site info.
* Identifying all servers.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site\SERVER
Starting test: Connectivity
* Active Directory LDAP Services Check
6a428c2b-790a-4a5a-8609-e5f71af7adc8._msdcs.schoolname.local's server GUID DNS name could not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(6a428c2b-790a-4a5a-8609-e5f71af7adc8._msdcs.schoolname.local)
couldn't be resolved, the server name (server.schoolname.local)
resolved to the IP address (192.168.1.2) and was pingable. Check that
the IP address is registered correctly with the DNS server.
......................... SERVER failed test Connectivity

Doing primary tests

Testing server: Default-First-Site\SERVER
Skipping all tests, because server SERVER is
not responding to directory service requests
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Test omitted by user request: OutboundSecureChannels

Running enterprise tests on : schoolname.local
Starting test: Intersite
Skipping site Default-First-Site, this site is outside the scope
provided by the command line arguments provided.
......................... schoolname.local passed test Intersite
Starting test: FsmoCheck
GC Name: \\server.schoolname.local
Locator Flags: 0xe00001fd
PDC Name: \\server.schoolname.local
Locator Flags: 0xe00001fd
Time Server Name: \\server.schoolname.local
Locator Flags: 0xe00001fd
Preferred Time Server Name: \\server.schoolname.local
Locator Flags: 0xe00001fd
KDC Name: \\server.schoolname.local
Locator Flags: 0xe00001fd
......................... schoolname.local passed test FsmoCheck
 
Upvote 0 Downvote
In DNS, make certain the all the SRV records exist for each server. The DNS SRV records required to locate a domain controller for the domain are not registered in DNS.

IF SRV records are missing run NETDIAG / FIX

On the wks + server, under the TCP/IP you do have the DNS suffix entered ?

With 50+users, If the above do not work, I would delete the DNS, and immediately recreate it, off hours. Make sure you DC have records. Get rid of the ISP as a an entry in the local area connection properties

Setup WINS, uses little resources/overhead, insurance for compatibility

As far as the fragments, set the correct MTU for your router
Not a big problem as the packet are reassembled



........................................
Chernobyl disaster..a must see pictorial
 
Upvote 0 Downvote
Okay, I took ISP's address out of the TCP/IP settings. I checked and I DON'T have the suffix entered for TCP/IP, so I put that in the server and workstations.

I verified that I DO have SRV records under the Forward zone in DNS. I did a dns flush and re-register just in case with IPCONFIG.

I set the maxpacket according to MS article 244474 above. Have not set up WINS yet, am working on learning how to do it correctly.

I ran DCDIAG and NETDIAG again and get no errors, everthing passed, but I still can't get Internet access on the server/DC. Everyone else can, though. This really only a problem for updates/service packs on the server. If I put the ISP back in DNS alternate, Internet works. I wonder why??

Am still waiting to see if there are additional netlogon errors.
 
Upvote 0 Downvote
No, spoke too soon. Still many Netlogon and Autoenrollment errors in the event log of the workstations. The funny thing is that I'm getting them periodically on the DC, too! What a nightmare.

I get the errors on most of the clients, but not all at the same time. Usually it is when the machine is cold or warm booted (ie: not between logons). The user doesn't seem to be aware, as it still logs them in and gives them access to the network files.

Does anyone know of a good link for instructions on installing WINS?
 
Upvote 0 Downvote
I is not a nightmare, but some simple setting(s) which is just not right.

WINS is not difficult, especially with one server, search google, this will not fix the present DNS problems. but is for compatibility issues

Did you stop and start the netlogon service.

Just to go over a couple of things...
In your DHCP you did exclude an IP range for servers, printers and other static devices.
You have placed maual Ip address, subnet,default gateway in the server tcp/ip properties. The server can ping the default gateway. Pathping an external site, the results will show which router stops communcation. Stop the firewall service temporarily, retest. If you have a CISCO firewall let me know, there is a setting which can affect Internet DNS queries.

Internet not working on server. If the WKS are only set to go to the server for DNS (no ISP address in the alternate), DNS is working corectly. If this is the case, it is the server software firewall or some minor setting which is incorrect.

Get Mark Minasi's Mastering Windows Server 2000 by Sybex, for future reference, one of the best books

If you want, send a copy of the following to pcmeiners11@yahoo.com...
security wise I do not have you usernames or passwords or you hardware firewall setting, I am no threat.

From server netdiag /v >c:servernetdiag.txt
From WKS " WKS netdiag.txt

Dcdiag.txt dcdiag /v >c:\serverdcdiag.txt

From server ipconfig /all >c:ipconfigserver.txt
From WKS " c:\IpconfigWKS.txt

If you have Word on the WKS and server, print screens of the TCP/IP properties and all DNS properties, DHCP properties would be cool.

........................................
Chernobyl disaster..a must see pictorial
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
210
MaioMaio
MaioMaio
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
259
Aquiles Vidal
Aquiles Vidal
ravalos
  • Locked
  • Question
Problem with PDFs in IIS
Replies
1
Views
467
gbaughma
gbaughma
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
270
DrB0b
DrB0b
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
307
suncit
suncit

Part and Inventory Search

Sponsor

Back
Top