Windows XP domain logon - 5719 & 1054.

[Guest]

Hi all - went through a lot of posts to find a solution - found a lot of the same problem, but no solution. So, here is what I got to work

Problem - Windows XP workstations and Windows 2003 servers/domain controllers. Windows XP log gives Event IDs 5719 and 1054 - cannot find domain controller. Once machine has logged on, only practical problem is that group policy has not applied - a problem if you use group policy to install applications and manage software - everything else works like it should. In netlogon.log on XP, first error appears after the parsing group policy values (near the beginning). The following events are listed on the problematic machines
[Session] Winsock Addrs: (0) List is now empty
[Critical] Address list changed since last boot. (Forget DynamicSiteName.
[Site] Setting site name to '(null)

On a properly working XP machine without the errors, I get the following results in these lines
[Session] \Device\NetBT_Tcpip_{physical address of network card?}: Transport Added - xxx.xxx.xxx.115
[Session] Winsock Addrs: xxx.xxx.xxxx.115 (1)

The xxx.xxx.xxx.115 is the tcp/ip address of the XP workstation

Resolution: I assigned a static ip address to the workstation, instead of using dhcp. This took care of the errors and group policy successfully applied. This is the first time that I have had this problem, although I recently upgraded our second domain controller to Windows 2003. Also, the six workstations that I recently rebuilt that all have the same problem have very fast hardware. The only thing I can figure is that the boot up is going too fast for dhcp to have a chance to work prior to calling for the domain controller. I also researched and tried many other possible solutions prior to stumbling on to this one, including no updates loaded or applications installed after clean re-install of XP, and changing group policy setting to disable cached logons (and doing a gpupdate) in an attempt to slow down the train. Perhaps MS will get a fix. Hope this helps. If this is redundant to a prior post I missed, my apologies in advance. Jim

 

[Ron Lowe]

Hi all - went through a lot of posts to find a solution - found a lot of

the same problem, but no solution. So, here is what I got to work.

Problem - Windows XP workstations and Windows 2003 servers/domain

controllers. Windows XP log gives Event IDs 5719 and 1054 - cannot find
domain controller. Once machine has logged on, only practical problem is
that group policy has not applied - a problem if you use group policy to
install applications and manage software - everything else works like it
should. In netlogon.log on XP, first error appears after the parsing group
policy values (near the beginning). The following events are listed on the
problematic machines:

[Session] Winsock Addrs: (0) List is now empty.
[Critical] Address list changed since last boot. (Forget DynamicSiteName.)
[Site] Setting site name to '(null)'

[Session] \Device\NetBT_Tcpip_{physical address of network card?}:

Transport Added - xxx.xxx.xxx.115)

[Session] Winsock Addrs: xxx.xxx.xxxx.115 (1).

The xxx.xxx.xxx.115 is the tcp/ip address of the XP workstation.

Resolution: I assigned a static ip address to the workstation, instead of

using dhcp. This took care of the errors and group policy successfully
applied. This is the first time that I have had this problem, although I
recently upgraded our second domain controller to Windows 2003. Also, the
six workstations that I recently rebuilt that all have the same problem have
very fast hardware. The only thing I can figure is that the boot up is
going too fast for dhcp to have a chance to work prior to calling for the
domain controller. I also researched and tried many other possible
solutions prior to stumbling on to this one, including no updates loaded or
applications installed after clean re-install of XP, and changing group
policy setting to disable cached logons (and doing a gpupdate) in an attempt
to slow down the train. Perhaps MS will get a fix. Hope this helps. If
this is redundant to a prior post I missed, my apologies in advance. Jim


An inability to find a Domain Controller usually indicates a DNS
misconfiguration.
Slow logons are also a common sypmtom of this problem.

So I'd check your DNS settings as described below before going any further.

XP differs from previous versions of windows in that it uses
DNS as it's primary name resolution method for finding domain
controllers:

How Domain Controllers Are Located in Windows XP
http://support.microsoft.com/default.aspx?scid=kb;en-us;314861

If DNS is misconfigured, XP will spend a lot of time waiting for it to
timeout before it tries using legacy NT4 sytle NetBIOS.
( Which may or may not work. )

1) Ensure that the XP clients are all configured to point to the local
DNS server which hosts the AD domain. That will probably be the
win2k server itself.
They should NOT be pointing an an ISP's DNS server.
An 'ipconfig /all' on the XP box should reveal ONLY the domain's
DNS server.

( you should use the DHCP server to push out the local DNS server
address. )

2) Ensure DNS server on win2k is configured to permit dynamic updates.

3) Ensure the win2k server points to itself as a DNS server.

4) For external ( internet ) name resolution, specify your ISP's DNS server
not on the clients, but in the 'forwarders' tab of the local win2k DNS
server.

On the DNS server, if you cannot access the 'Forwarders' and 'Root Hints'
tabs because they are greyed out, that is because there is a root zone (".")
present on the DNS server. You MUST delete this root zone to permit the
server to forward unresolved queries to yout ISP or the root servers.
Accept any nags etc, and let it delete any corresponding reverse lookuop
zones if it asks.


The following articles may assist you in setting up DNS correctly:

Setting Up the Domain Name System for Active Directory
http://support.microsoft.com/default.aspx?scid=kb;en-us;237675
HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;300202
DNS and AD FAQs:
http://support.microsoft.com/?id=291382

 

[Guest]

Ron - thanks. I checked out the DNS configuration, and tested it among other methods using netdiag on servers and problem workstations - everything looks right. In addition, of the thirty workstations we have, only the six new ones have the problem - one would think that DNS misconfiguration should cause same problem for all (all running XP and all part of same domain). Ipconfig on problem workstations also shows proper configuration (pointing to internal DNS servers, which are configured to use forwarders). The boot up process on the new workstations is also very, very fast - which is part of the problem - it is blowing right on by group policy being applied from the server. Whether it is XP, server 2003, or faster machine hardware, it appears that something is not quite right in the boot up procedures - dhcp does not timely assign ip address to the new workstations, which causes the first call for a domain controller in the net logon process to fail. Interestingly, but for group policy not working, you would never know this was a problem without checking the event viewer and logs. From a user perspective, the machines properly log on to the domain, and do so much faster than their old machines. Any thoughts are much appreciated - I like using dhcp on the system. Thanks. Jim

 

[Ron Lowe]

Ron - thanks. I checked out the DNS configuration, and tested it among

other methods using netdiag on servers and problem workstations - everything
looks right. In addition, of the thirty workstations we have, only the six
new ones have the problem - one would think that DNS misconfiguration should
cause same problem for all (all running XP and all part of same domain).
Ipconfig on problem workstations also shows proper configuration (pointing
to internal DNS servers, which are configured to use forwarders). The boot
up process on the new workstations is also very, very fast - which is part
of the problem - it is blowing right on by group policy being applied from
the server. Whether it is XP, server 2003, or faster machine hardware, it
appears that something is not quite right in the boot up procedures - dhcp
does not timely assign ip address to the new workstations, which causes the
first call for a domain controller in the net logon process to fail.
Interestingly, but for group policy not working, you would never know this
was a problem without checking the event viewer and logs. From a user
perspective, the machines properly log on to the domain, and do so much
faster than their old machines. Any thoughts are much appreciated - I like
using dhcp on the system. Thanks. Jim


OK, if DNS is ok, then it's time to consider other things.
A couple of suggestions:

1) Try disabling Fast Logon Optimisation:
http://support.microsoft.com/default.aspx?scid=kb;en-us;305293

2) If the problem really is due to the fast booting,
then it *may* be due to the way the network switch is configured.

Many switches run something called the Spanning Tree Protocol.
This is designed to prevent loops in the network topology.
On some switches, the network port comes up in 'blocking' state.
It then takes the switch some time to 'enable' the port.
During that time, the client is effectively off-line.
If your switch is configurable, try disabling STP on the client machine
ports.

 

[Guest]

Thanks Ron - I'll give these a try this evening. Jim

 

[Guest]

Well Ron - nothing is more humbling than a little crow - and just when I was convinced on how clever I had been. Problem came back even with static ip addresses. I checked out your suggestions also. I had already made the change to group policy per MS article and our switches do not use the spanning tree protocol. But, I did - this time really, really did - fix the problem. The driver for the network card had a bug, which caused a very short delay in connecting during boot up. For anyone interested, it is a Realtek RTL8101L nic built into the motherboard (Asus). Found an updated driver (dated 1/04) from Realtek's website that fixed the problem, with the delay being documented in the release notes. All six workstations suffered the same problem because all had the same nic. A further indicator of this problem in the event log was the 4201 "detected that network adaptor . . . was connected to the network" event occurring after the "could not fiind domain controller" 5719 and 1054 events. Ron - thanks for all your assistance, and hopefully this will be of some help to others. Thanks again. Jim