Domain Logon problem and removing invalid entries in the AD

D

Dinendra

Hi,
I have 2 questions regarding a windows 2000 Active
directory domain. please help

1. we are having a W2K AD domain which has 3 DC(1 root and
2 additional DCs) located in 3 physical sites. The root
server is holding the FSMO roles, other than that it has a
AD integrated DNS service, a DHCP Service and it's the GC
for that site. And there are 3rd party software running
like ARCServe 2000 for backups and some Oracle 8i
intances. There is a Daily full backup scheduled to run at
night in this server which run till next morning. when the
user are trying to login to the server in the morning, it
takes nearly 1/2 hours to login. But after a restart, user
can login without any problem. This server is running
Windows 2000 Server with SP3 and all necessary security
patches and hotfixes are installed. Whats could be the
reason for this issue? please advice.


2. The next problem is that, in this Active directory,
there are many unwanted entries which cause to generate
NETLOGON errors in the Event viewer(SYSTEM) in the root
server. As an example :

"No Windows NT or Windows 2000 Domain Controller is
available for domain PCCL_HEMAS. The following error
occurred:
There are currently no logon servers available to service
the logon request."

" No Windows NT or Windows 2000 Domain Controller is
available for domain PCCL_PALAVI. The following error
occurred:
There are currently no logon servers available to service
the logon request."

This windows 2000 active directory has been setup as a
Windows NT domain upgrade by another party. These
PCCL_HEMAS, PCCCL_PALAVI entries are no more in this AD.

Is there anyway we can remove these entries from our AD,
without any corruption? Please advice

Thanks & regards

Dinendra
 
A

Ace Fekay [MVP]

In
Dinendra said:
Hi,
I have 2 questions regarding a windows 2000 Active
directory domain. please help

1. we are having a W2K AD domain which has 3 DC(1 root and
2 additional DCs) located in 3 physical sites. The root
server is holding the FSMO roles, other than that it has a
AD integrated DNS service, a DHCP Service and it's the GC
for that site. And there are 3rd party software running
like ARCServe 2000 for backups and some Oracle 8i
intances. There is a Daily full backup scheduled to run at
night in this server which run till next morning. when the
user are trying to login to the server in the morning, it
takes nearly 1/2 hours to login. But after a restart, user
can login without any problem. This server is running
Windows 2000 Server with SP3 and all necessary security
patches and hotfixes are installed. Whats could be the
reason for this issue? please advice.


2. The next problem is that, in this Active directory,
there are many unwanted entries which cause to generate
NETLOGON errors in the Event viewer(SYSTEM) in the root
server. As an example :

"No Windows NT or Windows 2000 Domain Controller is
available for domain PCCL_HEMAS. The following error
occurred:
There are currently no logon servers available to service
the logon request."

" No Windows NT or Windows 2000 Domain Controller is
available for domain PCCL_PALAVI. The following error
occurred:
There are currently no logon servers available to service
the logon request."

This windows 2000 active directory has been setup as a
Windows NT domain upgrade by another party. These
PCCL_HEMAS, PCCCL_PALAVI entries are no more in this AD.

Is there anyway we can remove these entries from our AD,
without any corruption? Please advice

Thanks & regards

Dinendra

WHen I see "long logon time", in most cases it's a DNS misconfiguation on
the client side. Yes, a DC is also a DNS client. Even if it's a DNS server,
it's still needs to be configured in it's IP properties to use itself or to
use some DNS server for resolution. Usually DNS is a major cause of problems
if registration is not occuring properly. Specifically the registration of
the SRV records.

Some administrators will continue to use their ISP's DNS addresses in their
DCs and clients. This causes numerous errors and headaches with AD. The
proper method is to only use your internal server and configure a forwarder
for efficient Internet resolution.

It also sounds like you have a single label AD DNS domain name which can be
the cause of many errors once updated to SP4 since DNS under SP4 will not
allow registration of single label domain names. But there's a bandaid for a
DNS toallow registration from a single label DNS name, but keep in mind,
this will not work properly with XP clients.
http://support.microsoft.com/?id=300684

See if this helps to force DNS to accept registration.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top