Trust issue with member server

  • Thread starter Thread starter Zeno75
  • Start date Start date
Z

Zeno75

Guest
Hi there............

We've got a member server which were having some domain trust issues after it was joined to the domain. After the server was initially joined to the domain we found that although the computer account was created in the AD when we try to logon using a domain account we cannot and when we try to remotely access the admin share c$ (using the domain admin account) we cannot it keeps giving "not authoirsed to logon then when we try to access the \\domain.com\netlogon share it prompts for authentication meaning there's something wrong with the domain trust.

But the strange thing is I've ran all the nltests on the server and the results are coming back fine which I;m really stumped. Additionally its likely to do with something on this server, becuase we haven't had any such issues with the 10000+ workstaions and 1000 servers in our domain.

I'm running the netlogon.log debug but cannot find anything abnormal;

04/27 17:36:33 [INIT] Group Policy is not defined for Netlogon
04/27 17:36:33 [INIT] Following are the effective values after parsing
04/27 17:36:33 [INIT] Sysvol = C:\WINDOWS\SYSVOL\SYSVOL
04/27 17:36:33 [INIT] Scripts = (null)
04/27 17:36:33 [INIT] RpcDacl = (null)
04/27 17:36:33 [INIT] SiteName (0) = HKG
04/27 17:36:33 [INIT] Pulse = 300 (0x12c)
04/27 17:36:33 [INIT] Randomize = 1 (0x1)
04/27 17:36:33 [INIT] PulseMaximum = 7200 (0x1c20)
04/27 17:36:33 [INIT] PulseConcurrency = 10 (0xa)
04/27 17:36:33 [INIT] PulseTimeout1 = 10 (0xa)
04/27 17:36:33 [INIT] PulseTimeout2 = 300 (0x12c)
04/27 17:36:33 [INIT] MaximumMailslotMessages = 500 (0x1f4)
04/27 17:36:33 [INIT] MailslotMessageTimeout = 10 (0xa)
04/27 17:36:33 [INIT] MailslotDuplicateTimeout = 2 (0x2)
04/27 17:36:33 [INIT] ExpectedDialupDelay = 0 (0x0)
04/27 17:36:33 [INIT] ScavengeInterval = 900 (0x384)
04/27 17:36:33 [INIT] MaximumPasswordAge = 30 (0x1e)
04/27 17:36:33 [INIT] LdapSrvPriority = 0 (0x0)
04/27 17:36:33 [INIT] LdapSrvWeight = 100 (0x64)
04/27 17:36:33 [INIT] LdapSrvPort = 389 (0x185)
04/27 17:36:33 [INIT] LdapGcSrvPort = 3268 (0xcc4)
04/27 17:36:33 [INIT] KdcSrvPort = 88 (0x58)
04/27 17:36:33 [INIT] KerbIsDoneWithJoinDomainEntry = 0 (0x0)
04/27 17:36:33 [INIT] DnsTtl = 600 (0x258)
04/27 17:36:33 [INIT] DnsRefreshInterval = 86400 (0x15180)
04/27 17:36:33 [INIT] CloseSiteTimeout = 900 (0x384)
04/27 17:36:33 [INIT] SiteNameTimeout = 300 (0x12c)
04/27 17:36:33 [INIT] DuplicateEventlogTimeout = 14400 (0x3840)
04/27 17:36:33 [INIT] MaxConcurrentApi = 0 (0x0)
04/27 17:36:33 [INIT] NegativeCachePeriod = 45 (0x2d)
04/27 17:36:33 [INIT] BackgroundRetryInitialPeriod = 600 (0x258)
04/27 17:36:33 [INIT] BackgroundRetryMaximumPeriod = 3600 (0xe10)
04/27 17:36:33 [INIT] BackgroundRetryQuitTime = 0 (0x0)
04/27 17:36:33 [INIT] BackgroundSuccessfulRefreshPeriod = 4294967295 (0xffffffff)
04/27 17:36:33 [INIT] NonBackgroundSuccessfulRefreshPeriod = 1800 (0x708)
04/27 17:36:33 [INIT] DnsFailedDeregisterTimeout = 172800 (0x2a300)
04/27 17:36:33 [INIT] MaxLdapServersPinged = 55 (0x37)
04/27 17:36:33 [INIT] SiteCoverageRefreshInterval = 3600 (0xe10)
04/27 17:36:33 [INIT] FtInfoUpdateInterval = 86400 (0x15180)
04/27 17:36:33 [INIT] DBFlag = 545325055 (0x2080ffff)
04/27 17:36:33 [INIT] MaximumLogFileSize = 20000000 (0x1312d00)
04/27 17:36:33 [INIT] RefusePasswordChange = FALSE
04/27 17:36:33 [INIT] AllowReplInNonMixed = FALSE
04/27 17:36:33 [INIT] AvoidSamRepl = TRUE
04/27 17:36:33 [INIT] AvoidLsaRepl = TRUE
04/27 17:36:33 [INIT] SignSecureChannel = TRUE
04/27 17:36:33 [INIT] SealSecureChannel = TRUE
04/27 17:36:33 [INIT] RequireSignOrSeal = TRUE
04/27 17:36:33 [INIT] RequireStrongKey = FALSE
04/27 17:36:33 [INIT] SysVolReady = TRUE
04/27 17:36:33 [INIT] UseDynamicDns = TRUE
04/27 17:36:33 [INIT] RegisterDnsARecords = TRUE
04/27 17:36:33 [INIT] AvoidPdcOnWan = FALSE
04/27 17:36:33 [INIT] AutoSiteCoverage = TRUE
04/27 17:36:33 [INIT] AvoidDnsDeregOnShutdown = TRUE
04/27 17:36:33 [INIT] DnsUpdateOnAllAdapters = FALSE
04/27 17:36:33 [INIT] Nt4Emulator = FALSE
04/27 17:36:33 [INIT] DisablePasswordChange = FALSE
04/27 17:36:33 [INIT] NeutralizeNt4Emulator = FALSE
04/27 17:36:33 [INIT] AllowSingleLabelDnsDomain = FALSE
04/27 17:36:33 [INIT] AllowExclusiveSysvolShareAccess = FALSE
04/27 17:36:33 [INIT] AllowExclusiveScriptsShareAccess = FALSE
04/27 17:36:33 [INIT] AvoidLocatorAccountLookup = FALSE
04/27 17:36:33 [INIT] NeverPing = FALSE
04/27 17:36:33 [INIT] Command line parsed successfully ...
04/27 17:36:33 [SITE] Setting site name to 'HKG'
04/27 17:36:33 [SESSION] \Device\NetBT_Tcpip_{09384205-633F-4734-B050-FB580F71E508}: Transport Added (10.150.192.90)
04/27 17:36:33 [SESSION] Winsock Addrs: 10.150.192.90 192.168.192.90 (2)
04/27 17:36:33 [DNS] Set DnsForestName to: root.domain.com
04/27 17:36:33 [DOMAIN] CN: Adding new domain
04/27 17:36:33 [DOMAIN] Setting our computer name to Server-APP020 Server-APP020.domain.com
04/27 17:36:33 [DOMAIN] Setting Netbios domain name to CN
04/27 17:36:33 [DOMAIN] Setting DNS domain name to domain.com.
04/27 17:36:33 [DOMAIN] Setting Domain GUID to 11c242dc-b940-413c-8476-8993031e6387
04/27 17:36:33 [CRITICAL] C:\WINDOWS\system32\config\netlogon.ftj: Unable to open. 2
04/27 17:36:33 [INIT] Getting cached trusted domain list from binary file.
04/27 17:36:33 [LOGON] NlSetForestTrustList: New trusted domain list:
04/27 17:36:33 [LOGON] 0: ASIA root.domain.com (NT 5) (Forest Tree Root) (Direct Outbound) (Direct Inbound) ( Attr: 0x20 )
04/27 17:36:33 [LOGON] Dom Guid: 7e13cb82-99ea-466d-963d-2aa9ed4a57f4
04/27 17:36:33 [LOGON] Dom Sid: S-1-5-21-155781502-3518960662-3262718245
04/27 17:36:33 [LOGON] 1: CN domain.com (NT 5) (Forest: 0) (Primary Domain) (Native)
04/27 17:36:33 [LOGON] Dom Guid: 11c242dc-b940-413c-8476-8993031e6387
04/27 17:36:33 [LOGON] Dom Sid: S-1-5-21-453305679-1483540776-2973662666
04/27 17:36:33 [INIT] Starting RPC server.
04/27 17:36:33 [MISC] NlpInitializeTrace succeeded 0
04/27 17:36:33 [SESSION] CN: NlSessionSetup: Try Session setup
04/27 17:36:33 [SESSION] CN: NlDiscoverDc: Start Synchronous Discovery
04/27 17:36:33 [MISC] NetpDcGetName: domain.com. using cached information
04/27 17:36:33 [SESSION] CN: NlDiscoverDc: Found DC \\DController003.domain.com
04/27 17:36:33 [SESSION] CN: NlSetStatusClientSession: Set connection status to 0
04/27 17:36:33 [DOMAIN] Setting LSA NetbiosDomain: CN DnsDomain: domain.com. DnsTree: root.domain.com. DomainGuid:11c242dc-b940-413c-8476-8993031e6387
04/27 17:36:33 [LOGON] NlSetForestTrustList: New trusted domain list:
04/27 17:36:33 [LOGON] 0: ASIA root.domain.com (NT 5) (Forest Tree Root) (Direct Outbound) (Direct Inbound) ( Attr: 0x20 )
04/27 17:36:33 [LOGON] Dom Guid: 7e13cb82-99ea-466d-963d-2aa9ed4a57f4
04/27 17:36:33 [LOGON] Dom Sid: S-1-5-21-155781502-3518960662-3262718245
04/27 17:36:33 [LOGON] 1: CN domain.com (NT 5) (Forest: 0) (Primary Domain) (Native)
04/27 17:36:33 [LOGON] Dom Guid: 11c242dc-b940-413c-8476-8993031e6387
04/27 17:36:33 [LOGON] Dom Sid: S-1-5-21-453305679-1483540776-2973662666
04/27 17:36:33 [SESSION] CN: NlSetStatusClientSession: Set connection status to 0
04/27 17:36:33 [SESSION] CN: NlSessionSetup: Session setup Succeeded
04/27 17:36:33 [INIT] Started successfully
04/27 17:36:33 [INIT] Group Policy is not defined for Netlogon
04/27 17:36:33 [INIT] Following are the effective values after parsing
04/27 17:36:33 [MISC] NlWksScavenger: Can be called again in 21 days (0x6f70534e)
04/27 17:37:26 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: IP KDC
04/27 17:37:26 [MISC] NetpDcGetName: domain.com using cached information
04/27 17:37:26 [MISC] DsGetDcName function returns 0: Dom:domain.com Acct:(null) Flags: IP KDC
04/27 17:38:03 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 17:38:03 [MISC] NetpDcGetName: domain.com. using cached information
04/27 17:38:03 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 17:38:19 [SESSION] NETLOGON_CONTROL_TC_QUERY function received.
04/27 17:38:32 [SESSION] NETLOGON_CONTROL_TC_VERIFY function received.
04/27 17:38:32 [MISC] CN: NlVerifyTrust: new-new password match (with trust attributes)
04/27 17:39:25 [SESSION] NetrLogonGetTimeServiceParentDomain: domain.com. is the parent domain. (PdcSameSite: 1)
04/27 17:39:49 [MISC] DsrEnumerateDomainTrusts: Called, Flags = 0x3f
04/27 17:39:49 [MISC] DsrEnumerateDomainTrusts: returns: 0
04/27 17:40:24 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:24 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:24 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:24 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:24 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:24 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:40:25 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:41:48 [SESSION] CN: NlTimeoutApiClientSession: Unbind from server \\DController003.domain.com (TCP) 0.
04/27 17:44:03 [SESSION] CN: NlTimeoutApiClientSession: Unbind from server \\DController003.domain.com (TCP) 1.
04/27 17:51:36 [MISC] DsGetDcName function called: Dom:cn Acct:(null) Flags:
04/27 17:51:36 [MISC] NetpDcGetName: domain.com. using cached information
04/27 17:51:36 [MISC] DsGetDcName function returns 0: Dom:cn Acct:(null) Flags:
04/27 17:51:53 [MISC] DsrEnumerateDomainTrusts: Called, Flags = 0x3
04/27 17:51:53 [MISC] CN: DsrEnumerateDomainTrusts: Domain List collected from \\DController003.domain.com
04/27 17:51:53 [DOMAIN] Setting LSA NetbiosDomain: CN DnsDomain: domain.com. DnsTree: root.domain.com. DomainGuid:11c242dc-b940-413c-8476-8993031e6387
04/27 17:51:53 [LOGON] NlSetForestTrustList: New trusted domain list:
04/27 17:51:53 [LOGON] 0: ASIA root.domain.com (NT 5) (Forest Tree Root) (Direct Outbound) (Direct Inbound) ( Attr: 0x20 )
04/27 17:51:53 [LOGON] Dom Guid: 7e13cb82-99ea-466d-963d-2aa9ed4a57f4
04/27 17:51:53 [LOGON] Dom Sid: S-1-5-21-155781502-3518960662-3262718245
04/27 17:51:53 [LOGON] 1: CN domain.com (NT 5) (Forest: 0) (Primary Domain) (Native)
04/27 17:51:53 [LOGON] Dom Guid: 11c242dc-b940-413c-8476-8993031e6387
04/27 17:51:53 [LOGON] Dom Sid: S-1-5-21-453305679-1483540776-2973662666
04/27 17:51:53 [MISC] DsrEnumerateDomainTrusts: returns: 0
04/27 17:52:49 [SESSION] NETLOGON_CONTROL_REDISCOVER function received.
04/27 17:52:49 [SESSION] CN: NlSetStatusClientSession: Set connection status to c000005e
04/27 17:52:49 [SESSION] CN: NlSetStatusClientSession: Unbind from server \\DController003.domain.com (TCP) 0.
04/27 17:52:49 [SESSION] CN: NlSessionSetup: Try Session setup
04/27 17:52:49 [SESSION] CN: NlDiscoverDc: Start Synchronous Discovery
04/27 17:52:49 [MAILSLOT] NetpDcPingListIp: domain.com.: Sent UDP ping to 10.150.192.214
04/27 17:52:49 [MISC] LoadBalanceDebug (Flags: FORCE DSP AVOIDSELF ): DC=DController006, SrvCount=2, FailedAQueryCount=0, DcsPinged=1, LoopIndex=0
04/27 17:52:49 [SESSION] CN: NlDiscoverDc: Found DC \\DController006.domain.com
04/27 17:52:49 [SESSION] CN: NlSetStatusClientSession: Set connection status to 0
04/27 17:52:49 [DOMAIN] Setting LSA NetbiosDomain: CN DnsDomain: domain.com. DnsTree: root.domain.com. DomainGuid:11c242dc-b940-413c-8476-8993031e6387
04/27 17:52:49 [LOGON] NlSetForestTrustList: New trusted domain list:
04/27 17:52:49 [LOGON] 0: ASIA root.domain.com (NT 5) (Forest Tree Root) (Direct Outbound) (Direct Inbound) ( Attr: 0x20 )
04/27 17:52:49 [LOGON] Dom Guid: 7e13cb82-99ea-466d-963d-2aa9ed4a57f4
04/27 17:52:49 [LOGON] Dom Sid: S-1-5-21-155781502-3518960662-3262718245
04/27 17:52:49 [LOGON] 1: CN domain.com (NT 5) (Forest: 0) (Primary Domain) (Native)
04/27 17:52:49 [LOGON] Dom Guid: 11c242dc-b940-413c-8476-8993031e6387
04/27 17:52:49 [LOGON] Dom Sid: S-1-5-21-453305679-1483540776-2973662666
04/27 17:52:49 [SESSION] CN: NlSetStatusClientSession: Set connection status to 0
04/27 17:52:49 [SESSION] CN: NlSessionSetup: Session setup Succeeded
04/27 17:53:03 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 17:53:03 [MISC] NetpDcGetName: domain.com. using cached information
04/27 17:53:03 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:38 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 17:54:39 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 17:54:48 [SESSION] NETLOGON_CONTROL_CHANGE_PASSWORD function received.
04/27 17:54:48 [SESSION] CN: NlChangePassword: Doing it.
04/27 17:54:48 [SESSION] CN: NlChangePassword: Flag password changed in LsaSecret
04/27 17:54:48 [SESSION] CN: NlChangePassword: Flag password updated on PDC
04/27 17:57:53 [SESSION] CN: NlTimeoutApiClientSession: Unbind from server \\DController006.domain.com (TCP) 0.
04/27 17:57:53 [SESSION] CN: NlTimeoutApiClientSession: Unbind from server \\DController006.domain.com (TCP) 1.
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:08 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: IP KDC
04/27 18:00:08 [MISC] NetpDcGetName: domain.com cache is too old. 2189062
04/27 18:00:08 [MAILSLOT] NetpDcPingListIp: domain.com: Sent UDP ping to 10.150.24.13
04/27 18:00:08 [MISC] NlPingDcNameWithContext: Sent 1/1 ldap pings to DController003.domain.com
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:08 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:09 [MISC] NlPingDcNameWithContext: DController003.domain.com responded over IP.
04/27 18:00:09 [MISC] NetpDcGetName: domain.com using cached information
04/27 18:00:09 [MISC] DsGetDcName function returns 0: Dom:domain.com Acct:(null) Flags: IP KDC
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:00:09 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:02:15 [MISC] DsGetDcName function called: Dom:cn Acct:(null) Flags: IP KDC
04/27 18:02:15 [MISC] NetpDcGetName: domain.com. using cached information
04/27 18:02:15 [MISC] DsGetDcName function returns 0: Dom:cn Acct:(null) Flags: IP KDC
04/27 18:02:21 [SITE] DsrGetSiteName: Returning site name 'HKG' from local cache.
04/27 18:03:46 [MISC] In control handler (Opcode: 1)
04/27 18:03:46 [MISC] NlExit: Netlogon exiting 0 0x0
04/27 18:03:46 [DOMAIN] NlDeleteDomain called
04/27 18:03:46 [DOMAIN] Domain RefCount is zero. Domain being rundown.
04/27 18:03:46 [SESSION] CN: NlFreeClientSession: Unbind from server \\DController006.domain.com (TCP) 1.
04/27 18:03:46 [SITE] Setting site name to '(null)'
04/27 18:03:47 [INIT] Group Policy is not defined for Netlogon
04/27 18:03:47 [INIT] Following are the effective values after parsing
04/27 18:03:47 [INIT] Sysvol = C:\WINDOWS\SYSVOL\SYSVOL
04/27 18:03:47 [INIT] Scripts = (null)
04/27 18:03:47 [INIT] RpcDacl = (null)
04/27 18:03:47 [INIT] SiteName (0) = HKG
04/27 18:03:47 [INIT] Pulse = 300 (0x12c)
04/27 18:03:47 [INIT] Randomize = 1 (0x1)
04/27 18:03:47 [INIT] PulseMaximum = 7200 (0x1c20)
04/27 18:03:47 [INIT] PulseConcurrency = 10 (0xa)
04/27 18:03:47 [INIT] PulseTimeout1 = 10 (0xa)
04/27 18:03:47 [INIT] PulseTimeout2 = 300 (0x12c)
04/27 18:03:47 [INIT] MaximumMailslotMessages = 500 (0x1f4)
04/27 18:03:47 [INIT] MailslotMessageTimeout = 10 (0xa)
04/27 18:03:47 [INIT] MailslotDuplicateTimeout = 2 (0x2)
04/27 18:03:47 [INIT] ExpectedDialupDelay = 0 (0x0)
04/27 18:03:47 [INIT] ScavengeInterval = 900 (0x384)
04/27 18:03:47 [INIT] MaximumPasswordAge = 30 (0x1e)
04/27 18:03:47 [INIT] LdapSrvPriority = 0 (0x0)
04/27 18:03:47 [INIT] LdapSrvWeight = 100 (0x64)
04/27 18:03:47 [INIT] LdapSrvPort = 389 (0x185)
04/27 18:03:47 [INIT] LdapGcSrvPort = 3268 (0xcc4)
04/27 18:03:47 [INIT] KdcSrvPort = 88 (0x58)
04/27 18:03:47 [INIT] KerbIsDoneWithJoinDomainEntry = 0 (0x0)
04/27 18:03:47 [INIT] DnsTtl = 600 (0x258)
04/27 18:03:47 [INIT] DnsRefreshInterval = 86400 (0x15180)
04/27 18:03:47 [INIT] CloseSiteTimeout = 900 (0x384)
04/27 18:03:47 [INIT] SiteNameTimeout = 300 (0x12c)
04/27 18:03:47 [INIT] DuplicateEventlogTimeout = 14400 (0x3840)
04/27 18:03:47 [INIT] MaxConcurrentApi = 0 (0x0)
04/27 18:03:47 [INIT] NegativeCachePeriod = 45 (0x2d)
04/27 18:03:47 [INIT] BackgroundRetryInitialPeriod = 600 (0x258)
04/27 18:03:47 [INIT] BackgroundRetryMaximumPeriod = 3600 (0xe10)
04/27 18:03:47 [INIT] BackgroundRetryQuitTime = 0 (0x0)
04/27 18:03:47 [INIT] BackgroundSuccessfulRefreshPeriod = 4294967295 (0xffffffff)
04/27 18:03:47 [INIT] NonBackgroundSuccessfulRefreshPeriod = 1800 (0x708)
04/27 18:03:47 [INIT] DnsFailedDeregisterTimeout = 172800 (0x2a300)
04/27 18:03:47 [INIT] MaxLdapServersPinged = 55 (0x37)
04/27 18:03:47 [INIT] SiteCoverageRefreshInterval = 3600 (0xe10)
04/27 18:03:47 [INIT] FtInfoUpdateInterval = 86400 (0x15180)
04/27 18:03:47 [INIT] DBFlag = 545325055 (0x2080ffff)
04/27 18:03:47 [INIT] MaximumLogFileSize = 20000000 (0x1312d00)
04/27 18:03:47 [INIT] RefusePasswordChange = FALSE
04/27 18:03:47 [INIT] AllowReplInNonMixed = FALSE
04/27 18:03:47 [INIT] AvoidSamRepl = TRUE
04/27 18:03:47 [INIT] AvoidLsaRepl = TRUE
04/27 18:03:47 [INIT] SignSecureChannel = TRUE
04/27 18:03:47 [INIT] SealSecureChannel = TRUE
04/27 18:03:47 [INIT] RequireSignOrSeal = TRUE
04/27 18:03:47 [INIT] RequireStrongKey = FALSE
04/27 18:03:47 [INIT] SysVolReady = TRUE
04/27 18:03:47 [INIT] UseDynamicDns = TRUE
04/27 18:03:47 [INIT] RegisterDnsARecords = TRUE
04/27 18:03:47 [INIT] AvoidPdcOnWan = FALSE
04/27 18:03:47 [INIT] AutoSiteCoverage = TRUE
04/27 18:03:47 [INIT] AvoidDnsDeregOnShutdown = TRUE
04/27 18:03:47 [INIT] DnsUpdateOnAllAdapters = FALSE
04/27 18:03:47 [INIT] Nt4Emulator = FALSE
04/27 18:03:47 [INIT] DisablePasswordChange = FALSE
04/27 18:03:47 [INIT] NeutralizeNt4Emulator = FALSE
04/27 18:03:47 [INIT] AllowSingleLabelDnsDomain = FALSE
04/27 18:03:47 [INIT] AllowExclusiveSysvolShareAccess = FALSE
04/27 18:03:47 [INIT] AllowExclusiveScriptsShareAccess = FALSE
04/27 18:03:47 [INIT] AvoidLocatorAccountLookup = FALSE
04/27 18:03:47 [INIT] NeverPing = FALSE
04/27 18:03:47 [INIT] Command line parsed successfully ...
04/27 18:03:47 [SITE] Setting site name to 'HKG'
04/27 18:03:47 [SESSION] \Device\NetBT_Tcpip_{09384205-633F-4734-B050-FB580F71E508}: Transport Added (10.150.192.90)
04/27 18:03:47 [SESSION] Winsock Addrs: 10.150.192.90 192.168.192.90 (2)
04/27 18:03:47 [DNS] Set DnsForestName to: root.domain.com
04/27 18:03:47 [DOMAIN] CN: Adding new domain
04/27 18:03:47 [DOMAIN] Setting our computer name to Server-APP020 Server-APP020.domain.com
04/27 18:03:47 [DOMAIN] Setting Netbios domain name to CN
04/27 18:03:47 [DOMAIN] Setting DNS domain name to domain.com.
04/27 18:03:47 [DOMAIN] Setting Domain GUID to 11c242dc-b940-413c-8476-8993031e6387
04/27 18:03:47 [CRITICAL] C:\WINDOWS\system32\config\netlogon.ftj: Unable to open. 2
04/27 18:03:47 [INIT] Getting cached trusted domain list from binary file.
04/27 18:03:47 [LOGON] NlSetForestTrustList: New trusted domain list:
04/27 18:03:47 [LOGON] 0: ASIA root.domain.com (NT 5) (Forest Tree Root) (Direct Outbound) (Direct Inbound) ( Attr: 0x20 )
04/27 18:03:47 [LOGON] Dom Guid: 7e13cb82-99ea-466d-963d-2aa9ed4a57f4
04/27 18:03:47 [LOGON] Dom Sid: S-1-5-21-155781502-3518960662-3262718245
04/27 18:03:47 [LOGON] 1: CN domain.com (NT 5) (Forest: 0) (Primary Domain) (Native)
04/27 18:03:47 [LOGON] Dom Guid: 11c242dc-b940-413c-8476-8993031e6387
04/27 18:03:47 [LOGON] Dom Sid: S-1-5-21-453305679-1483540776-2973662666
04/27 18:03:47 [INIT] Starting RPC server.
04/27 18:03:47 [MISC] NlpInitializeTrace succeeded 0
04/27 18:03:47 [SESSION] CN: NlSessionSetup: Try Session setup
04/27 18:03:47 [SESSION] CN: NlDiscoverDc: Start Synchronous Discovery
04/27 18:03:47 [MISC] NetpDcGetName: domain.com. using cached information
04/27 18:03:47 [SESSION] CN: NlDiscoverDc: Found DC \\DController006.domain.com
04/27 18:03:47 [SESSION] CN: NlSetStatusClientSession: Set connection status to 0
04/27 18:03:47 [DOMAIN] Setting LSA NetbiosDomain: CN DnsDomain: domain.com. DnsTree: root.domain.com. DomainGuid:11c242dc-b940-413c-8476-8993031e6387
04/27 18:03:47 [LOGON] NlSetForestTrustList: New trusted domain list:
04/27 18:03:47 [LOGON] 0: ASIA root.domain.com (NT 5) (Forest Tree Root) (Direct Outbound) (Direct Inbound) ( Attr: 0x20 )
04/27 18:03:47 [LOGON] Dom Guid: 7e13cb82-99ea-466d-963d-2aa9ed4a57f4
04/27 18:03:47 [LOGON] Dom Sid: S-1-5-21-155781502-3518960662-3262718245
04/27 18:03:47 [LOGON] 1: CN domain.com (NT 5) (Forest: 0) (Primary Domain) (Native)
04/27 18:03:47 [LOGON] Dom Guid: 11c242dc-b940-413c-8476-8993031e6387
04/27 18:03:47 [LOGON] Dom Sid: S-1-5-21-453305679-1483540776-2973662666
04/27 18:03:47 [SESSION] CN: NlSetStatusClientSession: Set connection status to 0
04/27 18:03:47 [SESSION] CN: NlSessionSetup: Session setup Succeeded
04/27 18:03:47 [INIT] Started successfully
04/27 18:03:47 [INIT] Group Policy is not defined for Netlogon
04/27 18:03:47 [INIT] Following are the effective values after parsing
04/27 18:03:47 [MISC] NlWksScavenger: Can be called again in 30 days (0x9e7273c7)
04/27 18:06:47 [SESSION] CN: NlTimeoutApiClientSession: Unbind from server \\DController006.domain.com (TCP) 0.
04/27 18:08:03 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 18:08:03 [MISC] NetpDcGetName: domain.com. using cached information
04/27 18:08:03 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 18:15:29 [MISC] In control handler (Opcode: 1)
04/27 18:15:29 [MISC] NlExit: Netlogon exiting 0 0x0
04/27 18:15:29 [DOMAIN] NlDeleteDomain called
04/27 18:15:29 [DOMAIN] Domain RefCount is zero. Domain being rundown.
04/27 18:15:29 [SITE] Setting site name to '(null)'
04/27 18:15:30 [INIT] Group Policy is not defined for Netlogon
04/27 18:15:30 [INIT] Following are the effective values after parsing
04/27 18:15:30 [INIT] Sysvol = C:\WINDOWS\SYSVOL\SYSVOL
04/27 18:15:30 [INIT] Scripts = (null)
04/27 18:15:30 [INIT] RpcDacl = (null)
04/27 18:15:30 [INIT] SiteName (0) = HKG
04/27 18:15:30 [INIT] Pulse = 300 (0x12c)
04/27 18:15:30 [INIT] Randomize = 1 (0x1)
04/27 18:15:30 [INIT] PulseMaximum = 7200 (0x1c20)
04/27 18:15:30 [INIT] PulseConcurrency = 10 (0xa)
04/27 18:15:30 [INIT] PulseTimeout1 = 10 (0xa)
04/27 18:15:30 [INIT] PulseTimeout2 = 300 (0x12c)
04/27 18:15:30 [INIT] MaximumMailslotMessages = 500 (0x1f4)
04/27 18:15:30 [INIT] MailslotMessageTimeout = 10 (0xa)
04/27 18:15:30 [INIT] MailslotDuplicateTimeout = 2 (0x2)
04/27 18:15:30 [INIT] ExpectedDialupDelay = 0 (0x0)
04/27 18:15:30 [INIT] ScavengeInterval = 900 (0x384)
04/27 18:15:30 [INIT] MaximumPasswordAge = 30 (0x1e)
04/27 18:15:30 [INIT] LdapSrvPriority = 0 (0x0)
04/27 18:15:30 [INIT] LdapSrvWeight = 100 (0x64)
04/27 18:15:30 [INIT] LdapSrvPort = 389 (0x185)
04/27 18:15:30 [INIT] LdapGcSrvPort = 3268 (0xcc4)
04/27 18:15:30 [INIT] KdcSrvPort = 88 (0x58)
04/27 18:15:30 [INIT] KerbIsDoneWithJoinDomainEntry = 0 (0x0)
04/27 18:15:30 [INIT] DnsTtl = 600 (0x258)
04/27 18:15:30 [INIT] DnsRefreshInterval = 86400 (0x15180)
04/27 18:15:30 [INIT] CloseSiteTimeout = 900 (0x384)
04/27 18:15:30 [INIT] SiteNameTimeout = 300 (0x12c)
04/27 18:15:30 [INIT] DuplicateEventlogTimeout = 14400 (0x3840)
04/27 18:15:30 [INIT] MaxConcurrentApi = 0 (0x0)
04/27 18:15:30 [INIT] NegativeCachePeriod = 45 (0x2d)
04/27 18:15:30 [INIT] BackgroundRetryInitialPeriod = 600 (0x258)
04/27 18:15:30 [INIT] BackgroundRetryMaximumPeriod = 3600 (0xe10)
04/27 18:15:30 [INIT] BackgroundRetryQuitTime = 0 (0x0)
04/27 18:15:30 [INIT] BackgroundSuccessfulRefreshPeriod = 4294967295 (0xffffffff)
04/27 18:15:30 [INIT] NonBackgroundSuccessfulRefreshPeriod = 1800 (0x708)
04/27 18:15:30 [INIT] DnsFailedDeregisterTimeout = 172800 (0x2a300)
04/27 18:15:30 [INIT] MaxLdapServersPinged = 55 (0x37)
04/27 18:15:30 [INIT] SiteCoverageRefreshInterval = 3600 (0xe10)
04/27 18:15:30 [INIT] FtInfoUpdateInterval = 86400 (0x15180)
04/27 18:15:30 [INIT] DBFlag = 545325055 (0x2080ffff)
04/27 18:15:30 [INIT] MaximumLogFileSize = 20000000 (0x1312d00)
04/27 18:15:30 [INIT] RefusePasswordChange = FALSE
04/27 18:15:30 [INIT] AllowReplInNonMixed = FALSE
04/27 18:15:30 [INIT] AvoidSamRepl = TRUE
04/27 18:15:30 [INIT] AvoidLsaRepl = TRUE
04/27 18:15:30 [INIT] SignSecureChannel = TRUE
04/27 18:15:30 [INIT] SealSecureChannel = TRUE
04/27 18:15:30 [INIT] RequireSignOrSeal = TRUE
04/27 18:15:30 [INIT] RequireStrongKey = FALSE
04/27 18:15:30 [INIT] SysVolReady = TRUE
04/27 18:15:30 [INIT] UseDynamicDns = TRUE
04/27 18:15:30 [INIT] RegisterDnsARecords = TRUE
04/27 18:15:30 [INIT] AvoidPdcOnWan = FALSE
04/27 18:15:30 [INIT] AutoSiteCoverage = TRUE
04/27 18:15:30 [INIT] AvoidDnsDeregOnShutdown = TRUE
04/27 18:15:30 [INIT] DnsUpdateOnAllAdapters = FALSE
04/27 18:15:30 [INIT] Nt4Emulator = FALSE
04/27 18:15:30 [INIT] DisablePasswordChange = FALSE
04/27 18:15:30 [INIT] NeutralizeNt4Emulator = FALSE
04/27 18:15:30 [INIT] AllowSingleLabelDnsDomain = FALSE
04/27 18:15:30 [INIT] AllowExclusiveSysvolShareAccess = FALSE
04/27 18:15:30 [INIT] AllowExclusiveScriptsShareAccess = FALSE
04/27 18:15:30 [INIT] AvoidLocatorAccountLookup = FALSE
04/27 18:15:30 [INIT] NeverPing = FALSE
04/27 18:15:30 [INIT] Command line parsed successfully ...
04/27 18:15:30 [SITE] Setting site name to 'HKG'
04/27 18:15:30 [SESSION] \Device\NetBT_Tcpip_{09384205-633F-4734-B050-FB580F71E508}: Transport Added (10.150.192.90)
04/27 18:15:30 [SESSION] Winsock Addrs: 10.150.192.90 192.168.192.90 (2)
04/27 18:15:30 [DNS] Set DnsForestName to: root.domain.com
04/27 18:15:30 [DOMAIN] CN: Adding new domain
04/27 18:15:30 [DOMAIN] Setting our computer name to Server-APP020 Server-APP020.domain.com
04/27 18:15:30 [DOMAIN] Setting Netbios domain name to CN
04/27 18:15:30 [DOMAIN] Setting DNS domain name to domain.com.
04/27 18:15:30 [DOMAIN] Setting Domain GUID to 11c242dc-b940-413c-8476-8993031e6387
04/27 18:15:30 [CRITICAL] C:\WINDOWS\system32\config\netlogon.ftj: Unable to open. 2
04/27 18:15:30 [INIT] Getting cached trusted domain list from binary file.
04/27 18:15:30 [LOGON] NlSetForestTrustList: New trusted domain list:
04/27 18:15:30 [LOGON] 0: ASIA root.domain.com (NT 5) (Forest Tree Root) (Direct Outbound) (Direct Inbound) ( Attr: 0x20 )
04/27 18:15:30 [LOGON] Dom Guid: 7e13cb82-99ea-466d-963d-2aa9ed4a57f4
04/27 18:15:30 [LOGON] Dom Sid: S-1-5-21-155781502-3518960662-3262718245
04/27 18:15:30 [LOGON] 1: CN domain.com (NT 5) (Forest: 0) (Primary Domain) (Native)
04/27 18:15:30 [LOGON] Dom Guid: 11c242dc-b940-413c-8476-8993031e6387
04/27 18:15:30 [LOGON] Dom Sid: S-1-5-21-453305679-1483540776-2973662666
04/27 18:15:30 [MISC] NlpInitializeTrace succeeded 0
04/27 18:15:30 [INIT] Starting RPC server.
04/27 18:15:30 [SESSION] CN: NlSessionSetup: Try Session setup
04/27 18:15:30 [SESSION] CN: NlDiscoverDc: Start Synchronous Discovery
04/27 18:15:30 [MISC] NetpDcGetName: domain.com. using cached information
04/27 18:15:30 [SESSION] CN: NlDiscoverDc: Found DC \\DController006.domain.com
04/27 18:15:30 [SESSION] CN: NlSetStatusClientSession: Set connection status to 0
04/27 18:15:30 [DOMAIN] Setting LSA NetbiosDomain: CN DnsDomain: domain.com. DnsTree: root.domain.com. DomainGuid:11c242dc-b940-413c-8476-8993031e6387
04/27 18:15:30 [LOGON] NlSetForestTrustList: New trusted domain list:
04/27 18:15:30 [LOGON] 0: ASIA root.domain.com (NT 5) (Forest Tree Root) (Direct Outbound) (Direct Inbound) ( Attr: 0x20 )
04/27 18:15:30 [LOGON] Dom Guid: 7e13cb82-99ea-466d-963d-2aa9ed4a57f4
04/27 18:15:30 [LOGON] Dom Sid: S-1-5-21-155781502-3518960662-3262718245
04/27 18:15:30 [LOGON] 1: CN domain.com (NT 5) (Forest: 0) (Primary Domain) (Native)
04/27 18:15:30 [LOGON] Dom Guid: 11c242dc-b940-413c-8476-8993031e6387
04/27 18:15:30 [LOGON] Dom Sid: S-1-5-21-453305679-1483540776-2973662666
04/27 18:15:30 [SESSION] CN: NlSetStatusClientSession: Set connection status to 0
04/27 18:15:30 [SESSION] CN: NlSessionSetup: Session setup Succeeded
04/27 18:15:30 [INIT] Started successfully
04/27 18:15:30 [INIT] Group Policy is not defined for Netlogon
04/27 18:15:30 [INIT] Following are the effective values after parsing
04/27 18:15:30 [MISC] NlWksScavenger: Can be called again in 30 days (0x9bda09fa)
04/27 18:18:30 [SESSION] CN: NlTimeoutApiClientSession: Unbind from server \\DController006.domain.com (TCP) 0.
04/27 18:22:37 [SESSION] Winsock Addrs: 10.150.192.90 (1) List size changed 2 1.
04/27 18:22:37 [SITE] DsrGetSiteName: Site name 'HKG' is old. Getting a new one from DC.
04/27 18:22:37 [MAILSLOT] NetpDcPingListIp: domain.com.: Sent UDP ping to 10.150.192.214
04/27 18:22:37 [MISC] NlPingDcNameWithContext: Sent 1/1 ldap pings to DController006.domain.com
04/27 18:22:38 [MISC] NlPingDcNameWithContext: DController006.domain.com responded over IP.
04/27 18:22:38 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND
04/27 18:22:38 [MISC] NetpDcGetName: domain.com. using cached information
04/27 18:22:38 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND
04/27 18:22:52 [SESSION] Winsock Addrs: 10.150.192.90 192.168.192.90 (2) List size changed 1 2.
04/27 18:22:52 [SITE] DsrGetSiteName: Returning site name 'HKG' from local cache.
04/27 18:22:52 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND
04/27 18:22:52 [MISC] NetpDcGetName: domain.com. using cached information
04/27 18:22:52 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND
04/27 18:23:04 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 18:23:04 [MISC] NetpDcGetName: domain.com. using cached information
04/27 18:23:04 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:53 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: IP KDC
04/27 18:29:53 [MISC] NetpDcGetName: domain.com using cached information
04/27 18:29:53 [MISC] DsGetDcName function returns 0: Dom:domain.com Acct:(null) Flags: IP KDC
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:53 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Entered
04/27 18:29:54 [LOGON] SamLogon: Network logon of domain\usernameA from Workstation001 Returns 0x0
04/27 18:31:08 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: WRITABLE LDAPONLY DNS RET_DNS
04/27 18:31:08 [MISC] NetpDcGetName: domain.com cache is too old. 3807969
04/27 18:31:08 [MAILSLOT] NetpDcPingListIp: domain.com: Sent UDP ping to 10.150.192.214
04/27 18:31:08 [MISC] NlPingDcNameWithContext: Sent 1/1 ldap pings to DController006.domain.com
04/27 18:31:08 [MISC] NlPingDcNameWithContext: DController006.domain.com responded over IP.
04/27 18:31:08 [MISC] NetpDcGetName: domain.com using cached information
04/27 18:31:08 [MISC] DsGetDcName function returns 0: Dom:domain.com Acct:(null) Flags: WRITABLE LDAPONLY DNS RET_DNS
04/27 18:33:38 [SESSION] CN: NlTimeoutApiClientSession: Unbind from server \\DController006.domain.com (TCP) 1.
04/27 18:38:04 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 18:38:04 [MISC] NetpDcGetName: domain.com. using cached information
04/27 18:38:04 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 18:53:04 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 18:53:04 [MISC] NetpDcGetName: domain.com. using cached information
04/27 18:53:04 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 19:08:04 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 19:08:04 [MISC] NetpDcGetName: domain.com. using cached information
04/27 19:08:04 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS BACKGROUND
04/27 19:09:40 [MISC] DsGetDcName function called: Dom:CN Acct:(null) Flags: DS NETBIOS RET_DNS
04/27 19:09:40 [MISC] NetpDcGetName: domain.com. cache is too old. 4610266
04/27 19:09:40 [MAILSLOT] NetpDcPingListIp: domain.com.: Sent UDP ping to 10.150.192.214
04/27 19:09:40 [MISC] NlPingDcNameWithContext: Sent 1/1 ldap pings to DController006.domain.com
04/27 19:09:40 [MISC] NlPingDcNameWithContext: DController006.domain.com responded over IP.
04/27 19:09:40 [MISC] NetpDcGetName: domain.com. using cached information
04/27 19:09:40 [MISC] DsGetDcName function returns 0: Dom:CN Acct:(null) Flags: DS NETBIOS RET_DNS
04/27 19:09:40 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: DS BACKGROUND RET_DNS



except the following

CRITICAL] C:\WINDOWS\system32\config\netlogon.ftj: Unable to open. 2
04/27 17:36:33 [INIT] Getting cached trusted domain list from binary file.

The server has 2 NICs configured a public NIC and a NIC for backup LAN with NETBIOS disabled.

I;ve already run tests on the DC like DCdiag netdiayg and our DCs are fine seems. So I can't figure out whats wrong with the member server.

The server is running IIS as well.

Any help would be appreciated....Momo

Continue reading...
 
You must log in or register to reply here.

Similar threads

B
Failed to install update KB5001330 - Error 0x8007000d
Replies
0
Views
17
BarryNugent
B
B
Failed to install update KB5001330 - Error 0x8007000d
Replies
0
Views
307
BarryNugent
B
K
I am trying to ascertain why my computer shuts down shortly after unplugging it (battery issue)
Replies
0
Views
10
Kyle Is Here
K
C
what is eventtype PCA2 and how can i fix it?
Replies
0
Views
12
Cintagram
C
C
what is eventtype PCA2 and how can i fix it?
Replies
0
Views
9
Cintagram
C
Back
Top