|
it
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
DNS errors after moving Windows 2003 server to DMZI recently moved a 2003 server into a Cisco PIX DMZ and now I'm getting these errors in Event Viewer: Event Type: Error Event Source: Userenv Event Category: None Event ID: 1054 Date: 3/23/2005 Time: 8:21:15 AM User: NT AUTHORITY\SYSTEM Computer: XXXXXXXXXX Description: Windows cannot obtain the domain controller name for your computer network. (An unexpected network error occurred. ). Group Policy processing aborted. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. I have the following ports open from that host on the DMZ to the inside network: domain/udp to DC kerberos/tcp to DC kerberos/udp to DC time/udp to DC netbios-ssn/tcp to DC ldap/tcp to DC 389/udp to DC 445/tcp to DC 3268/tcp to DC 10024/tcp to DC (I created this static RCP port to get around dynamic RCP). I added the TCP/IP Port DWORD in HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters and set the value to 10024 I rebooted the DC after putting those firewall settings in place but still getting the DNS errors. I even disjoined and rejoined to the domain - to no avail. Am I missing a port necessary for domain authentication? Thank You for your help and have a nice day!! GreenThumb Is DNS (UDP port 53) open on your firewall? The event message indicates
Group Policy isn't processing, and this is often due to DNS problems. If the server can't find the domain controller using DNS, it can't authenticate and Group Policy processing will fail. -- Show quoteHide quoteCheers, Mitch Tulloch ============================ website: http://www.mtit.com weblog: http://itreader.net ***This message is provided "as is" with no warranties, and confers no rights*** "GreenThumb" <GreenTh***@discussions.microsoft.com> wrote in message news:8CE85B5E-DDC1-4B7A-A225-4F68504279CD@microsoft.com... > Hi All- > > I recently moved a 2003 server into a Cisco PIX DMZ and now I'm getting > these errors in Event Viewer: > > Event Type: Error > Event Source: Userenv > Event Category: None > Event ID: 1054 > Date: 3/23/2005 > Time: 8:21:15 AM > User: NT AUTHORITY\SYSTEM > Computer: XXXXXXXXXX > Description: > Windows cannot obtain the domain controller name for your computer network. > (An unexpected network error occurred. ). Group Policy processing aborted. > > For more information, see Help and Support Center at > http://go.microsoft.com/fwlink/events.asp. > > I have the following ports open from that host on the DMZ to the inside > network: > > domain/udp to DC > kerberos/tcp to DC > kerberos/udp to DC > time/udp to DC > netbios-ssn/tcp to DC > ldap/tcp to DC > 389/udp to DC > 445/tcp to DC > 3268/tcp to DC > 10024/tcp to DC (I created this static RCP port to get around dynamic RCP). > I added the TCP/IP Port DWORD in > HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters and set the value to > 10024 > > I rebooted the DC after putting those firewall settings in place but still > getting the DNS errors. I even disjoined and rejoined to the domain - to no > avail. Am I missing a port necessary for domain authentication? > > Thank You for your help and have a nice day!! > > GreenThumb > >  
Other interesting topics
QuickBooks and its users
Windows 2003 image Windows Server 2003 SP1 problem in boot XP after using Linux Invalid Domain Controller Certificate NT 4.0 and 2003 Trust NTBackup and/or Scheduled Task Not Working File Permissions Move IIS server + net folders Slow browsing shared folder(s) after Server 2003 upgrade |
|||||||||||||||||||||||
