Logon Request Validation

[Dan Thomas]

I have a problem with a Win2000 Small Business Server
running Active Directory that I cannot resolve. I have
tried KB searches for info regarding this problem and have
talked to many colleagues in my area with no success.

Here is the problem: Sporadically, when attempting to
access shared resources on the network from W2K Pro
workstations, users will receive a message stating "There
is no domain server available to validate the logon
request..."

This message is puzzling because while the workstation
cannot access a specified shared resource on a particular
machine, it access shared resources on the server and on
other machines fine. The machines hosting the shared
resources are a mix of Win2K Pro, Win95 & Win98. The OS
of the machine hosting the share doesn't appear to have
any effect.

In almost every case, logging off the workstation getting
the message and logging back on will resolve the issue
immediately, however, waiting a couple of hours will also
resolve the problem (without logging off and back on).
The shared resources are file shares and printer shares.
Each appears to be affected equally.

I see not event viewer messages on the server related to
the failed attempts to access the devices and see no logon
related events (which makes sense, if the workstation
cannot find the DC) -- but the message appears on multiple
workstations!

Any ideas appreciated!

 

[Steven L Umbach]

This generally is a dns related problem. W2K needs correct dns configuration
to function as dns is used as a resource locator via _srv records in
addition to resolving host names. Usual problems are that the W2K machines
are not all configured to point to the domain controller and domain
contoller only, including the domain controller itself and to NEVER have an
ISP dns server listed in the tcp/ip properties of a W2K domain computer. It
may help to run netdiag and then dcdiag on the domain controller looking for
any failed tests and the running netdiag on one of the W2K computers next
time the problem pops up. -- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;291382
http://support.microsoft.com/default.aspx?scid=KB;en-us;q265706&gssnb=1

 

[Dan Thomas]

That makes good sense for me. I know that I have my
workstations and the DC pointed to our internet gateway
for DNS.

So, if I change this and the DC points to itself for DNS
and the workstations point to the DC for DNS, then how do
internet host names get resolved?

I assume my default gateway would remain as the address
for my internet router... Is that how it would then
resolve internet hostnames?

I think I need to learn more about how DNS works...

 

[Steven L Umbach]

See the link below for KB article on how to do it. The article is about
W2003, but it is the same for W2K. Your Active Directory dn server can be
configured to "forward" requests to resolve internet names to your ISP dns
server [by it's actual ip address] or it can resolve internet names itself
by using "roothints" which are the ip addresses for the internet root dns
servers where all internet name resolution starts at unless the dns name is
in a cache somewhere. Yes you would use the lan side ip address of your
router as the default gateway. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;323380

 

[Marina Roos]

Hi Dan,

Also, have you got WINS installed on the server? W9x, ME and NT4 need it.
How many nics in the server? Are you using RRAS as well? If 2 nics, make
sure you do the regedits in 292822.
Check DHCP-server for options 003, 006, 015, 044 and 046 (0x8).
Have a look at www.smallbizserver.net and the
microsoft.public.backoffice.smallbiz2000 newsgroup.

Marina