New Active Directory Domain Issues

Active Directory
Microsoft Windows
We have just created a new Win2K AD Domain and the Win2K Server seems to running well. WE have several PC's and a standalone server that we have joined to the domain, the problem is that when we reboot the standalone aerver and try to login to the domain we get an RPC Server unavailable and then when we log the same server locally no errors come and we can browse the network and view this server and the DC under the domain. In Event viewer on the standalone server we receive the following: Event ID: 5788 Attempt to update HOST Service Principal Names [SPNs] of the computer object in the Active Directory failed. The updated values were '<UNAVAILABLE>' and '<UNAVAILABLE>' the following error, the RPC Ssserver is unavailable. All help is greatly appreciated. David

Answer Wiki

Thanks. We'll let you know when a new response is added.

That Event ID typically implies a DNS issue. Check out the following link.

Discuss This Question: 2  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Networkninja
    This behavior can occur if the computer account has permission to read the Active Directory record for itself, but does not have permission to write to the record or to the entire directory. Using the Active Directory Users and Computers snap-in, verify that the computer has permissions in the "Access the computer from the network" user right for the "Default domain controllers" Group Policy object (GPO) in the Domain Controllers organizational unit. Open each of the following items in the snap-in: Default Domain Controllers Policy Computed Configuration Windows Settings Security Settings Local Policies User Rights Assignment As a test, add "Authenticated Users" if it is not present. Also, verify that the security settings in the computer object have permission to read, write, create, and delete child objects, and change passwords. The "Access is denied" error message occurs when Netlogon attempts to update the directory service object for its computer account. In most cases, this occurs for new machine accounts before the computer has had a chance to update the records for the first time. If the error message is "The system cannot find the file specified" instead of "Access is denied," the computed object may have been deleted. Or (more likely), the computer account does not have permission to even read the object for its computer account. Check the permissions. If the error message is "The parameter is incorrect" instead of "Access is denied," the DNS suffix for the computer may not match the domain name. To verify and change the suffix, right-click My Computer, click Properties, click the Network Identification tab, click Properties, and then click More. The DNS suffix is listed in the Primary DNS suffix for this computer box. Confirm that this matches your domain name, or change it if necessary. Check Q257623, Q329708, Q819411, Q826899 to fix this problem.
    0 pointsBadges:
  • Delebute2004
    Thanks to everyone that replied. it was a DNS problem and once we fixed that everything worked fine and we also removed and re-added the pc in question back into the domain without issue. David
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: