1054 Error (Windows cannot contact DC - Group Policy)

  • 1.9K Views
  • Last Post 2 weeks ago
dyeltondennis-carpentercom posted this 15 January 2007

I have a new member
server (Windows 2003 R2 x64) in my Windows 2003 domain (not R2). My setup
contains two Windows 2003 DC's, both being DNS servers with the PDC being a WINS
server. I have been working on a problem with a 1054 error in the event
log for the mentioned Windows 2003 R2 x64 member server that has been added
recently.

Error 1054 as a
refresh is the following:
Windows cannot obtain the domain controller name for your computer network.
(An unexpected network error occurred. ). Group Policy processing aborted.
I worked on
solutions all day Friday to no avail so I am seeking assistance on this
matter. No other member of the domain has this error that I am aware
of. SRV records for the DC's are in the DNS and is setup correctly on the
troubled member server. I have looked through WINS and saw no apparent
problems with its setup either. I have updated the drivers and firmware
for the network cards in the new member server and in both
DC's.

I will say that I have a strange issue on my
local PC from time to time (and I'll assume this happens on other domain
member's PC's as well) where I cannot logon to Active Directory Users and
Computers by using the domain as a locator, however I am able to go into it if I
selectively choose a specific DC from the list.

When running netdiag on the problem member
server I see no issues and when running netdiag and dcdiag on the DC's I see no
issues. I am able to get to SYSVOL from the problem member server by going
to \domain\sysvol\domain.

I have turned on logging of USERENV on the
problem member server and I get this in the log:

USERENV(37c.66c) 07:00:02:294 PingComputer:
PingBufferSize set as 2048USERENV(37c.66c) 07:00:02:294 PingComputer:
Adapter speed 1000000000 bpsUSERENV(37c.66c) 07:00:02:294
PingComputer: First time: 2482USERENV(37c.66c) 07:00:02:294
PingComputer: Second time: 2482USERENV(37c.66c) 07:00:02:294
PingComputer: First and second times match.USERENV(37c.66c)
07:00:02:294 PingComputer: First time: 2482USERENV(37c.66c)
07:00:02:294 PingComputer: Second time: 2482USERENV(37c.66c)
07:00:02:294 PingComputer: First and second times
match.USERENV(37c.66c) 07:00:02:294 PingComputer: First time:
2482USERENV(37c.66c) 07:00:02:294 PingComputer: Second time:
2482USERENV(37c.66c) 07:00:02:294 PingComputer: First and second times
match.USERENV(37c.66c) 07:00:02:294 PingComputer: No data
availableUSERENV(37c.66c) 07:00:02:294 ProcessGPOs: DSGetDCName failed with
59.

I am very close to calling Microsoft to help
resolve the issue but I thought I'd run it by you guys. I'm in the
unfortunate position of being the only IT personnel here and having to be a jack
of all trades as it would be. I typically have no problem solving an issue
like this, especially with the help of Google but this problem just goes beyond
stumping me. Any help is appreciated.

Donavon YeltonManager of Information SystemsCarpenter
Industries, Inc.(704) 743-2068http://www.dennis-carpenter.com

THIS MESSAGE CONTAINS INFORMATION INTENDED
ONLY FOR THE USE OF THE INDIVIDUAL OR ENTITY NAMED ABOVE. IF THE READER OF THIS
MESSAGE IS NOT THE RECIPIENT, OR THE EMPLOYEE OR AGENT RESPONSIBLE TO DELIVER IT
TO THE INTENDED RECIPIENT, YOU ARE HEREBY NOTIFIED THAT ANY DISSEMINATION,
DISTRIBUTION OR COPYING OF THIS MESSAGE IS STRICTLY PROHIBITED. IF YOU HAVE
RECEIVED THIS MESSAGE IN ERROR, PLEASE NOTIFY US IMMEDIATELY VIA RETURN-E-MAIL
AND DELETE THIS MESSAGE FROM YOUR SYSTEM. THANK YOU.Carpenter Industries, Inc.

Order By: Standard | Newest | Votes
dyeltondennis-carpentercom posted this 15 January 2007

This appears to be the only system on the network having this issue. I
connected to another Windows 2003 Standard member server and did a
gpupdate and then looked at the event log and it appears clean after the
gpupdate command was ran. Slow link detection has not been disabled on
that machine (or any on my network for that matter, with the exception
of this new problem server now).

ICMP is not being blocked. Windows firewall is turned off on all
servers on the network (including the two DC's and this problem member
server). To my knowledge there is nothing on the network limiting ICMP
packet size. I certainly haven't done anything to limit it.

For an update on the current status of disabling slow link detection.
It has been roughly 30 minutes or so and no event log error shows after
running gpupdate on the member server. When doing a gpresult everything
appears to process correctly. This problem server is a new terminal
server and when I logon as a TS user to this computer it still shows a
1054 error and the same 59 errors in the userenv log file. The only
exception is when I login as the network admin account through remote
desktops (the account I made the registry edit for
GroupPolicyMinTransferRate under).

Donavon

show

dyeltondennis-carpentercom posted this 15 January 2007

I have updated this server's NIC drivers and firmware. The server in
question is a HP DL585 G2 and I am using one embedded gigabit nic (the
other is identical but disabled). I have also made sure that the NIC I
am using is at the top of the stack in adapters and binding. The
network card in the problem server is a HP NC371i.

Donavon

show

dyeltondennis-carpentercom posted this 15 January 2007

Yes, these are Broadcom NICs. I want to go back to the last question
that was asked (if my network card drivers were up to date) and change
my answer. I had ran the HP update package for the NC series cards in
the server and it showed as updated (even if I run it at the moment it
tells me that the drivers are up to date) with version 2.8.22.0. The
problem is that when I look at the actual driver version by going to the
device manager and viewing properties it shows a version of 2.8.13.0.

On that note, in looking back at HP's revision history for their driver
for this card it has no mention of version 2.8.13.0 so is it possible
that this is the driver that came with Windows? If so, how can I go
about getting rid of that driver and installing this new driver from HP.
Updating the driver and choosing the new driver explicitly doesn't work
and running HP's update package for the driver obviously fails to really
update the driver.

I can't say that this driver version is the root cause of the issue but
I do need the drivers updated to have a place to start from.

Susan, is there a known issue with Broadcom's that could possibly affect
the problem I'm having? Thanks for the assistance!

Donavon

show

dyeltondennis-carpentercom posted this 15 January 2007

I'm not about to give up on the Broadcom NICs as this is a brand new
server that cost as much as a Honda Accord. I'm not sure I can believe
that HP would put a defective card in such a machine. You'd think
others would have the same issues in mass quantity if that were the
case. I'm also using Broadcoms in other HP servers here (including the
two DCs) and they have not had any issues. It is all too easy to chalk
up a problem like this to network cards, but I don't think it explains
why the GPO is applied successfully without issues within the first 15
minutes or so after a reboot. There are no other problems cropping up
from these Broadcoms either.

Now for a question, how do I disable slow link detection for all
terminal service users on this problem server since that seems to have
fixed the issue? I need to make the change in the registry on the
problem server apparently as making the switch in the GPO itself seems
to not have any effect.

Donavon

show

dyeltondennis-carpentercom posted this 15 January 2007

After some investigating I am apparently running the latest drivers for
my NICs. The only updated files since 2.8.13.0 are for things like
iSCSI which I do not use. I wish driver numbers would correspond
though. So now that I know I'm running the latest version I'm stumped.
Disabling slow link detection fixes the userenv errors but I still need
the fix for that to carry over to my TS users on that server. And of
course this doesn't fix the root cause which forces me to disable the
slow link detection either.

Donavon

show

dyeltondennis-carpentercom posted this 15 January 2007

Well, in doing that it did pop up a couple of things. I'm certainly nowhere close to an advisor on this so if one of you more familiar could help me out on deciphering the code on a couple of things. Are the following two items normal (they didn't look right to me):

1) DNS: Question Section: ldap.tcp.Default-First-Site-Name.sites.dc.msdcs.DOMAIN. of type Unknown Type on class Unknown Class
DNS: 0x32E3:Std Qry Resp. for ÏŠZHü¶ç0õ@íÍ.

2) DNS: Question Section: _ldap.
tcp.Default-First-Site-Name.sites.dc.msdcs.domain. of type Unknown Type on class Unknown Class
DNS: 0xB4E5:Std Qry Resp. for . of type Unknown Type on class Unknown Class

You may need more information so if I can get you anything else let me know. These entries just seem out of place to me, especially the one that has been displayed as "ÏŠZHü¶ç0õ@íÍ"

Donavon

show

dyeltondennis-carpentercom posted this 15 January 2007

Hi Steve,

When running nltest /dsgetdc: on the problem member server I
get the following (NOTE: I ran it twice, once for DOMAIN and again for
DOMAIN.LOCAL which is the full name. I noticed that the flags for each
are different):

C:\Documents and Settings\supervisor>nltest /dsgetdc:domain
DC: \ATHENA
Address: \192.168.1.6
Dom Guid: 0c93e47c-f1a8-4e05-916c-d6e6670f2c96
Dom Name: DOMAIN
Forest Name: domain.local
Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNSFOREST
CLOSE
S
ITE
The command completed successfully

C:\Documents and Settings\supervisor>nltest /dsgetdc:domain.local
DC: \athena.domain.local
Address: \192.168.1.6
Dom Guid: 0c93e47c-f1a8-4e05-916c-d6e6670f2c96
Dom Name: domain.local
Forest Name: domain.local
Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNSDC
DNS
DOMAIN
DNSFOREST CLOSESITE
The command completed successfully


I have already tried to disable slow link detection on the problem
member server however I had to do so by going into gpedit.msc and
setting it to 0 as that registry location doesn't exist on Windows 2003
Server R2 x64 (when searching on Google I could not find the location of
this key in this version of windows). Also of note is that I have went
so far as forcing 100Mb connection on the active NIC on the problem
member server but it also did not solve the issue so I set it back to
auto. The NIC in the machine is a 1Gb card.

This morning I removed it from the domain and added it back. The group
policy seemed to work for a bit but after about 15 minutes of tests I
got the 1054 error again. Strangely if I do a gpupdate /force I don't
get the 1054 error in the event log and instead get a 1704 (Security
policy in the Group policy objects has been applied successfully).

Donavon

show

dyeltondennis-carpentercom posted this 15 January 2007

In addition to my last response I have noticed that when I reboot the
problem server it will apparently apply the group policy without issues
for 15 minutes or so and then will fail to do so from that point
forward. When viewing the userenv log file after a reboot and after
giving the gpupdate command, it shows no 59 errors and nothing shows up
in the event log. Wait about 15 minutes or so and the event log shows
the 1054 error and the userenv log shows the 59 error.

Donavon

show

dyeltondennis-carpentercom posted this 15 January 2007

In further testing today I did end up finding the location to add the
GroupPolicyMinTransferRate DWORD value to the registry of the problem
server. About 5 minutes ago I added that key with a value of 0 to HKLM
and HKCU and when running a gpupdate I do not get the error and when
looking at the userenv log I do not see the error 59 or any error that
it cannot contact the DC. I do not want to say that this is it for sure
but for the moment it does appear to be working.

Now I suppose I should ask that since this was simply a troubleshooting
step, what would I need to do in order to investigate a long-term
solution to the problem? Thanks for all of the help!

Donavon

show

dyeltondennis-carpentercom posted this 16 January 2007

I moved to another switch and I still get the same issue and I can't go any further with drivers. I suppose the step I need to take now is to purchase a new NIC. Since everyone has strong feelings for Intel I wanted to ask what you guys suggest. This is a HP DL585 G2 server (rackmount) with PCI-X slots.

Donavon

show

dyeltondennis-carpentercom posted this 16 January 2007

Considering a HP NC360T card for my problem server. Anyone have any objections to using this card? It is Intel based (Intel 82571EB).

Thanks for all of the help!

Donavon

show

dyeltondennis-carpentercom posted this 19 January 2007

Well, I did as you and other suggested, install an Intel NIC card in the
system. I purchased an NC360T Intel chipset card. So after a $300 NIC
card was installed in the system I boot it up, run gpupdate and bam, I
get a 1054 userenv error (same one I was getting with the Broadcom's).

Any further suggestions before I call Microsoft?

Donavon Yelton

show

dyeltondennis-carpentercom posted this 19 January 2007

Well, I disabled media sensing again (first time for this Intel card
though, disabling didn't work with the Broadcoms) and it actually may
have worked this time around. I'll watch it and do some testing but for
now consider it fixed pending. 8-)

Donavon Yelton

show

dyeltondennis-carpentercom posted this 19 January 2007

I spoke too soon in regards to it being fixed. Apparently it is now
intermittent and I can't make the 1054 error come up consistently. The
logging has been set to 0x00030002 for some time but I haven't been able
to catch anything beyond the 59 error. I did a gpupdate about 5 minutes
ago and it showed the 1054 error but then when I waited a couple of
minutes (not changing anything at all) it did not show up after doing a
gpupdate and the userenv log showed nothing out of whack (no 59 errors).

Any ideas to what could be the cause of intermittent issues? After over
a week with this issue I'm losing my hair, and I don't have much more to
lose. 8-(

Donavon Yelton

show

dyeltondennis-carpentercom posted this 19 January 2007

Test came up clean. Thanks for the link as that may come in handy in
the future! I've been doing random gpupdate commands since the last
userenv error at 2:51PM EST and I haven't gotten a single 1054 error
since so I'm crossing my fingers that the DisableDHCPMediaSense works
with this new Intel card.

Donavon Yelton

show

Close