Failed to Query the Group Policy link information with 0x8007203a

M

Mel Davies

I have 3 servers on a Domain. One has exchange 2003
installed. When a try to amend group policies through AD
on all but the Operations Master (PDC) i get this "
message @ Failed to Query the Group Policy link
information with 0x8007203a" I have run Netdiag and get
the following message " LDAP
test. . . . . . . . . . . . . : Passed
[FATAL] Cannot do un-authenticated ldap_search
to 'server A.domain.co.uk': Unavailable.
[WARNING] Failed to query SPN registration on
DC 'server A.domain.co.uk'.
where server A is the OM (PDC)

I have looked on the web but all the answers are in dutch
and the translation is not clear.

Has anybody had a similar problem and can shed some light
on the subject.
 
T

Tim Springston \(MSFT\)

Hi Mel-

This sounds like the other DCs are not able to contact or communicate
succesfully with the PDC Emulator. I would suggested running NETDIAG /V on
the affected DCs, as well as DCDIAG /V, and see what problems are revealed.
DCDIAG.EXE and NETDIAG.EXE are Support Tools.

You may post your results to the newsgroup as a reply. It'd be a good idea
to only post the errors/fails, and to sanitize the results of any
potentially sensitive information first.
 
B

Buz [MSFT]

Hello Mel,

Verify Server A has LDAP enabled:

To see if the server is listening on LDAP port 389, you can telnet
to the port by opening a command prompt and typing "telnet <server name>
389".
You should get a blank screen with a sincle cursor that just sits there for
at
least 30 seconds and longer. If you get disconnected quickly with
"Connection
failed" then LDAP is not listening on this port.

Also are you using NAT on this box? If so see: 270152 The DC Promo Program
Does Not Work When Using Network Address Translation
http://support.microsoft.com/?id=270152

The above article discusses why Kerberos doesn't work over NAT. Incorrectly
configured DNS settings can cause this as well.

RELATED KNOWLEDGE-BASE ARTICLES:
=================================
272294 Active Directory Communication Fails on Multihomed Domain
Controllers
http://support.microsoft.com/?id=272294

263293 Windows 2000 NAT Does Not Translate Netlogon Traffic
http://support.microsoft.com/?id=263293

Buz Brodin
MCSE NT4 / Win2K
Microsoft Enterprise Domain Support

Get Secure! - www.microsoft.com/security

This posting is provided "as is" with no warranties and confers no rights.

Please do not send e-mail directly to this alias. This alias is for
newsgroup purposes only.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Failed to open Group Policy Object 3
Using Group Policy to define a Password Policy 1
Failed to open the group policy object 8
Error : Failed to Open Group Policy Object 1
Can't access default group policy 2
Failed to Open the Group Policy Object 2
Group Policy Problems 1
Can't open GPO 1

Top