D
David Sanders
On a Win2K SP3 Member Server with the following Service
Packs...
q147222;q323172;q323255;q324096;q324380;q326830;q326886;q32
7696;q328310;q329115;q329170;q329553;q329834;q331953;q81064
9;q810833;q811114;q811493;q811630;q814033;q816093;servicepa
ckuninstall;
I receive the errors below
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5776
Date: 7/2/2003
Time: 8:04:56 AM
User: N/A
Computer: SERVERNAME
Description:
Failed to create/open file \system32\config\netlogon.ftl
with the following error:
Logon failure: account currently disabled.
Data:
0000: 33 05 00 00 3...
___________________________________________________________
and
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 7/1/2003
Time: 6:38:27 PM
User: N/A
Computer: SERVERNAME
Description:
The Task Scheduler service terminated with the following
error:
Logon failure: account currently disabled.
___________________________________________________________
and
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 7/2/2003
Time: 4:09:20 AM
User: N/A
Computer: SERVERNAME
Description:
The Background Intelligent Transfer Service service failed
to start due to the following error:
Logon failure: account currently disabled.
___________________________________________________________
and
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10002
Date: 7/2/2003
Time: 9:07:59 AM
User: DOMAIN\Username
Computer: Servername
Description:
Access denied attempting to launch a DCOM Server. The
server is:
{E367E1A1-E917-11D0-AF5F-00A02448799A}
The user is Username/DOMAIN, SID=X-X-X-XX-XXXXXXXXXX-
XXXXXXXXX-XXXXXXXXXX-XXXX.
___________________________________________________________
(All identifiable information has been replaced in the
errors above.)
All of these services run under the LocalSystem Account,
except for the DCOM server which runs under an account
with local administrator access. I cannot find
the "{E367E1A1-E917-11D0-AF5F-00A02448799A}" string in
DCOMCNFG.
At this point, all connections to the server (UNC Pathing,
Drive Mapping, and Remote Management Tools) will fail with
a "Logon Failure, Acocunt Disabled" error. Access is only
available through the local console.
A reboot of the server will result in restored
functionality for about half a day.
NetDiag and DCDiag show no errors on all Domain
Controllers. All trusts are in place and active. This is
an isolated issue in a Mixed Mode 2000 Active Directory
Domain with Resource and User Domains in a Parent/Child
configuration. NTFS permissions have not been modified
from default install. 5 shares are available to end users
permissioned using Global to Local Group nesting.
The system has been disjoined and rejoined to the domain.
All Local and Domain Accounts have been verified unlocked.
Any assistance you can provide would be greatly
appreciated.
Packs...
q147222;q323172;q323255;q324096;q324380;q326830;q326886;q32
7696;q328310;q329115;q329170;q329553;q329834;q331953;q81064
9;q810833;q811114;q811493;q811630;q814033;q816093;servicepa
ckuninstall;
I receive the errors below
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5776
Date: 7/2/2003
Time: 8:04:56 AM
User: N/A
Computer: SERVERNAME
Description:
Failed to create/open file \system32\config\netlogon.ftl
with the following error:
Logon failure: account currently disabled.
Data:
0000: 33 05 00 00 3...
___________________________________________________________
and
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: 7/1/2003
Time: 6:38:27 PM
User: N/A
Computer: SERVERNAME
Description:
The Task Scheduler service terminated with the following
error:
Logon failure: account currently disabled.
___________________________________________________________
and
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 7/2/2003
Time: 4:09:20 AM
User: N/A
Computer: SERVERNAME
Description:
The Background Intelligent Transfer Service service failed
to start due to the following error:
Logon failure: account currently disabled.
___________________________________________________________
and
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10002
Date: 7/2/2003
Time: 9:07:59 AM
User: DOMAIN\Username
Computer: Servername
Description:
Access denied attempting to launch a DCOM Server. The
server is:
{E367E1A1-E917-11D0-AF5F-00A02448799A}
The user is Username/DOMAIN, SID=X-X-X-XX-XXXXXXXXXX-
XXXXXXXXX-XXXXXXXXXX-XXXX.
___________________________________________________________
(All identifiable information has been replaced in the
errors above.)
All of these services run under the LocalSystem Account,
except for the DCOM server which runs under an account
with local administrator access. I cannot find
the "{E367E1A1-E917-11D0-AF5F-00A02448799A}" string in
DCOMCNFG.
At this point, all connections to the server (UNC Pathing,
Drive Mapping, and Remote Management Tools) will fail with
a "Logon Failure, Acocunt Disabled" error. Access is only
available through the local console.
A reboot of the server will result in restored
functionality for about half a day.
NetDiag and DCDiag show no errors on all Domain
Controllers. All trusts are in place and active. This is
an isolated issue in a Mixed Mode 2000 Active Directory
Domain with Resource and User Domains in a Parent/Child
configuration. NTFS permissions have not been modified
from default install. 5 shares are available to end users
permissioned using Global to Local Group nesting.
The system has been disjoined and rejoined to the domain.
All Local and Domain Accounts have been verified unlocked.
Any assistance you can provide would be greatly
appreciated.