Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Event ID: 5719
Event ID: 5719 [message #388677] Wed, 10 February 2010 12:09 Go to next message
Dwt902  is currently offline Dwt902
Messages: 8
Registered: August 2009
Junior Member
We recently upgraded our DCs from Win2003 to Win2008 R2. After the upgrade, I
started seeing the below errors on our windows server running 2003 SP2.

There is a firewall between the DCs and this server but it was working fine
before the upgrade. Are there additional ports that need to be opened for
Netlogon to function correctly in Win2008 R2?

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1053
Date: 2/3/2010
Time: 10:18:15 PM
User: NT AUTHORITY\SYSTEM
Computer: SERVER1
Description:
Windows cannot determine the user or computer name. (There are no more
endpoints available from the endpoint mapper. ). Group Policy processing
aborted.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 7
Date: 2/9/2010
Time: 8:10:42 PM
User: N/A
Computer: SERVER1
Description:
The kerberos subsystem encountered a PAC verification failure. This
indicates that the PAC from the client user1 in realm MYDOMAIN.ORG had a PAC
which failed to verify or was modified. Contact your system administrator.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 36 00 02 c0 6..À


Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5719
Date: 2/9/2010
Time: 11:01:20 PM
User: N/A
Computer: SERVER1
Description:
This computer was not able to set up a secure session with a domain
controller in domain MYDOMAIN due to the following:
The remote procedure call was cancelled.
This may lead to authentication problems. Make sure that this computer is
connected to the network. If the problem persists, please contact your domain
administrator.

ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up
the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain
controller in the specified domain.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 50 00 02 c0 P..À

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5783
Date: 2/10/2010
Time: 12:59:43 AM
User: N/A
Computer: SERVER1
Description:
The session setup to the Windows NT or Windows 2000 Domain Controller
\\DC1.mydomain.org for the domain MYDOMAIN is not responsive. The current
RPC call from Netlogon on \\SERVER1 to \\DC1.mydomain.org has been cancelled.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1053
Date: 2/4/2010
Time: 10:07:08 PM
User: NT AUTHORITY\SYSTEM
Computer: SERVER1
Description:
Windows cannot determine the user or computer name. (There are no more
endpoints available from the endpoint mapper. ). Group Policy processing
aborted.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Re: Event ID: 5719 [message #388736 is a reply to message #388677] Wed, 10 February 2010 13:26 Go to previous messageGo to next message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello Dwt902,

See here about needed for ports for AD:
http://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx

Also check:
http://www.windowsnetworking.com/articles_tutorials/configur e-Windows-Server-2008-advanced-firewall-MMC-snap-in.html

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> We recently upgraded our DCs from Win2003 to Win2008 R2. After the
> upgrade, I started seeing the below errors on our windows server
> running 2003 SP2.
>
> There is a firewall between the DCs and this server but it was working
> fine before the upgrade. Are there additional ports that need to be
> opened for Netlogon to function correctly in Win2008 R2?
>
> Event Type: Error
> Event Source: Userenv
> Event Category: None
> Event ID: 1053
> Date: 2/3/2010
> Time: 10:18:15 PM
> User: NT AUTHORITY\SYSTEM
> Computer: SERVER1
> Description:
> Windows cannot determine the user or computer name. (There are no more
> endpoints available from the endpoint mapper. ). Group Policy
> processing
> aborted.
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
> Event Type: Error
> Event Source: Kerberos
> Event Category: None
> Event ID: 7
> Date: 2/9/2010
> Time: 8:10:42 PM
> User: N/A
> Computer: SERVER1
> Description:
> The kerberos subsystem encountered a PAC verification failure. This
> indicates that the PAC from the client user1 in realm MYDOMAIN.ORG had
> a PAC
> which failed to verify or was modified. Contact your system
> administrator.
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
> Data:
> 0000: 36 00 02 c0 6..À
> Event Type: Error
> Event Source: NETLOGON
> Event Category: None
> Event ID: 5719
> Date: 2/9/2010
> Time: 11:01:20 PM
> User: N/A
> Computer: SERVER1
> Description:
> This computer was not able to set up a secure session with a domain
> controller in domain MYDOMAIN due to the following:
> The remote procedure call was cancelled.
> This may lead to authentication problems. Make sure that this computer
> is
> connected to the network. If the problem persists, please contact your
> domain
> administrator.
> ADDITIONAL INFO If this computer is a domain controller for the
> specified domain, it sets up the secure session to the primary domain
> controller emulator in the specified domain. Otherwise, this computer
> sets up the secure session to any domain controller in the specified
> domain.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
> Data:
> 0000: 50 00 02 c0 P..À
> Event Type: Error
> Event Source: NETLOGON
> Event Category: None
> Event ID: 5783
> Date: 2/10/2010
> Time: 12:59:43 AM
> User: N/A
> Computer: SERVER1
> Description:
> The session setup to the Windows NT or Windows 2000 Domain Controller
> \\DC1.mydomain.org for the domain MYDOMAIN is not responsive. The
> current
> RPC call from Netlogon on \\SERVER1 to \\DC1.mydomain.org has been
> cancelled.
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
> Event Type: Error
> Event Source: Userenv
> Event Category: None
> Event ID: 1053
> Date: 2/4/2010
> Time: 10:07:08 PM
> User: NT AUTHORITY\SYSTEM
> Computer: SERVER1
> Description:
> Windows cannot determine the user or computer name. (There are no more
> endpoints available from the endpoint mapper. ). Group Policy
> processing
> aborted.
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
Re: Event ID: 5719 [message #389227 is a reply to message #388677] Thu, 11 February 2010 06:24 Go to previous messageGo to next message
pbbergs  is currently offline pbbergs  United States
Messages: 1024
Registered: July 2009
Senior Member
Is ICMP available between the firewall? Group Policy needs that as well as
high ports for RPC connections. Port openings changed with 2008.

For a test I would do a firewall opening between the two machines (Only
between these two) or open up the logs on the firewall and check to see what
traffic may be getting blocked between these two. The high ports have
change to 49152 - 65535, or you can lock these into a specific range. We
lock them range into a 100 port range.

http://support.microsoft.com/kb/832017

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.

"Dwt902" <Dwt902@discussions.microsoft.com> wrote in message
news:7E68DD03-76E6-4ACE-A31B-DD1A08E6B378@microsoft.com...
> We recently upgraded our DCs from Win2003 to Win2008 R2. After the
> upgrade, I
> started seeing the below errors on our windows server running 2003 SP2.
>
> There is a firewall between the DCs and this server but it was working
> fine
> before the upgrade. Are there additional ports that need to be opened for
> Netlogon to function correctly in Win2008 R2?
>
> Event Type: Error
> Event Source: Userenv
> Event Category: None
> Event ID: 1053
> Date: 2/3/2010
> Time: 10:18:15 PM
> User: NT AUTHORITY\SYSTEM
> Computer: SERVER1
> Description:
> Windows cannot determine the user or computer name. (There are no more
> endpoints available from the endpoint mapper. ). Group Policy processing
> aborted.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
> Event Type: Error
> Event Source: Kerberos
> Event Category: None
> Event ID: 7
> Date: 2/9/2010
> Time: 8:10:42 PM
> User: N/A
> Computer: SERVER1
> Description:
> The kerberos subsystem encountered a PAC verification failure. This
> indicates that the PAC from the client user1 in realm MYDOMAIN.ORG had a
> PAC
> which failed to verify or was modified. Contact your system
> administrator.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
> Data:
> 0000: 36 00 02 c0 6..
>
>
> Event Type: Error
> Event Source: NETLOGON
> Event Category: None
> Event ID: 5719
> Date: 2/9/2010
> Time: 11:01:20 PM
> User: N/A
> Computer: SERVER1
> Description:
> This computer was not able to set up a secure session with a domain
> controller in domain MYDOMAIN due to the following:
> The remote procedure call was cancelled.
> This may lead to authentication problems. Make sure that this computer is
> connected to the network. If the problem persists, please contact your
> domain
> administrator.
>
> ADDITIONAL INFO
> If this computer is a domain controller for the specified domain, it sets
> up
> the secure session to the primary domain controller emulator in the
> specified
> domain. Otherwise, this computer sets up the secure session to any domain
> controller in the specified domain.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
> Data:
> 0000: 50 00 02 c0 P..
>
> Event Type: Error
> Event Source: NETLOGON
> Event Category: None
> Event ID: 5783
> Date: 2/10/2010
> Time: 12:59:43 AM
> User: N/A
> Computer: SERVER1
> Description:
> The session setup to the Windows NT or Windows 2000 Domain Controller
> \\DC1.mydomain.org for the domain MYDOMAIN is not responsive. The current
> RPC call from Netlogon on \\SERVER1 to \\DC1.mydomain.org has been
> cancelled.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
>
> Event Type: Error
> Event Source: Userenv
> Event Category: None
> Event ID: 1053
> Date: 2/4/2010
> Time: 10:07:08 PM
> User: NT AUTHORITY\SYSTEM
> Computer: SERVER1
> Description:
> Windows cannot determine the user or computer name. (There are no more
> endpoints available from the endpoint mapper. ). Group Policy processing
> aborted.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
>
>
Re: Event ID: 5719 [message #389725 is a reply to message #389227] Thu, 11 February 2010 16:42 Go to previous messageGo to next message
Dwt902  is currently offline Dwt902
Messages: 8
Registered: August 2009
Junior Member
Paul,

Thank you for the help.

Meinolf,

The article you provided was what I needed. Opening the additional ports
solved my problem.

http://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx

Thank you.

"Paul Bergson [MVP-DS]" wrote:

> Is ICMP available between the firewall? Group Policy needs that as well as
> high ports for RPC connections. Port openings changed with 2008.
>
> For a test I would do a firewall opening between the two machines (Only
> between these two) or open up the logs on the firewall and check to see what
> traffic may be getting blocked between these two. The high ports have
> change to 49152 - 65535, or you can lock these into a specific range. We
> lock them range into a 100 port range.
>
> http://support.microsoft.com/kb/832017
>
> --
> Paul Bergson
> MVP - Directory Services
> MCTS, MCT, MCSE, MCSA, Security+, BS CSci
> 2008, 2003, 2000 (Early Achiever), NT4
> Microsoft's Thrive IT Pro of the Month - June 2009
>
> http://www.pbbergs.com
>
> Please no e-mails, any questions should be posted in the NewsGroup This
> posting is provided "AS IS" with no warranties, and confers no rights.
>
> "Dwt902" <Dwt902@discussions.microsoft.com> wrote in message
> news:7E68DD03-76E6-4ACE-A31B-DD1A08E6B378@microsoft.com...
> > We recently upgraded our DCs from Win2003 to Win2008 R2. After the
> > upgrade, I
> > started seeing the below errors on our windows server running 2003 SP2.
> >
> > There is a firewall between the DCs and this server but it was working
> > fine
> > before the upgrade. Are there additional ports that need to be opened for
> > Netlogon to function correctly in Win2008 R2?
> >
> > Event Type: Error
> > Event Source: Userenv
> > Event Category: None
> > Event ID: 1053
> > Date: 2/3/2010
> > Time: 10:18:15 PM
> > User: NT AUTHORITY\SYSTEM
> > Computer: SERVER1
> > Description:
> > Windows cannot determine the user or computer name. (There are no more
> > endpoints available from the endpoint mapper. ). Group Policy processing
> > aborted.
> >
> > For more information, see Help and Support Center at
> > http://go.microsoft.com/fwlink/events.asp.
> >
> > Event Type: Error
> > Event Source: Kerberos
> > Event Category: None
> > Event ID: 7
> > Date: 2/9/2010
> > Time: 8:10:42 PM
> > User: N/A
> > Computer: SERVER1
> > Description:
> > The kerberos subsystem encountered a PAC verification failure. This
> > indicates that the PAC from the client user1 in realm MYDOMAIN.ORG had a
> > PAC
> > which failed to verify or was modified. Contact your system
> > administrator.
> >
> > For more information, see Help and Support Center at
> > http://go.microsoft.com/fwlink/events.asp.
> > Data:
> > 0000: 36 00 02 c0 6..À
> >
> >
> > Event Type: Error
> > Event Source: NETLOGON
> > Event Category: None
> > Event ID: 5719
> > Date: 2/9/2010
> > Time: 11:01:20 PM
> > User: N/A
> > Computer: SERVER1
> > Description:
> > This computer was not able to set up a secure session with a domain
> > controller in domain MYDOMAIN due to the following:
> > The remote procedure call was cancelled.
> > This may lead to authentication problems. Make sure that this computer is
> > connected to the network. If the problem persists, please contact your
> > domain
> > administrator.
> >
> > ADDITIONAL INFO
> > If this computer is a domain controller for the specified domain, it sets
> > up
> > the secure session to the primary domain controller emulator in the
> > specified
> > domain. Otherwise, this computer sets up the secure session to any domain
> > controller in the specified domain.
> >
> > For more information, see Help and Support Center at
> > http://go.microsoft.com/fwlink/events.asp.
> > Data:
> > 0000: 50 00 02 c0 P..À
> >
> > Event Type: Error
> > Event Source: NETLOGON
> > Event Category: None
> > Event ID: 5783
> > Date: 2/10/2010
> > Time: 12:59:43 AM
> > User: N/A
> > Computer: SERVER1
> > Description:
> > The session setup to the Windows NT or Windows 2000 Domain Controller
> > \\DC1.mydomain.org for the domain MYDOMAIN is not responsive. The current
> > RPC call from Netlogon on \\SERVER1 to \\DC1.mydomain.org has been
> > cancelled.
> >
> > For more information, see Help and Support Center at
> > http://go.microsoft.com/fwlink/events.asp.
> >
> >
> > Event Type: Error
> > Event Source: Userenv
> > Event Category: None
> > Event ID: 1053
> > Date: 2/4/2010
> > Time: 10:07:08 PM
> > User: NT AUTHORITY\SYSTEM
> > Computer: SERVER1
> > Description:
> > Windows cannot determine the user or computer name. (There are no more
> > endpoints available from the endpoint mapper. ). Group Policy processing
> > aborted.
> >
> > For more information, see Help and Support Center at
> > http://go.microsoft.com/fwlink/events.asp.
> >
> >
> >
>
>
> .
>
Re: Event ID: 5719 [message #389856 is a reply to message #389725] Thu, 11 February 2010 23:16 Go to previous message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello Dwt902,

Nice to hear that you solved it. Thanks for the feedback.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Paul,
>
> Thank you for the help.
>
> Meinolf,
>
> The article you provided was what I needed. Opening the additional
> ports solved my problem.
>
> http://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx
>
> Thank you.
>
> "Paul Bergson [MVP-DS]" wrote:
>
>> Is ICMP available between the firewall? Group Policy needs that as
>> well as high ports for RPC connections. Port openings changed with
>> 2008.
>>
>> For a test I would do a firewall opening between the two machines
>> (Only between these two) or open up the logs on the firewall and
>> check to see what traffic may be getting blocked between these two.
>> The high ports have change to 49152 - 65535, or you can lock these
>> into a specific range. We lock them range into a 100 port range.
>>
>> http://support.microsoft.com/kb/832017
>>
>> --
>> Paul Bergson
>> MVP - Directory Services
>> MCTS, MCT, MCSE, MCSA, Security+, BS CSci
>> 2008, 2003, 2000 (Early Achiever), NT4
>> Microsoft's Thrive IT Pro of the Month - June 2009
>> http://www.pbbergs.com
>>
>> Please no e-mails, any questions should be posted in the NewsGroup
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>>
>> "Dwt902" <Dwt902@discussions.microsoft.com> wrote in message
>> news:7E68DD03-76E6-4ACE-A31B-DD1A08E6B378@microsoft.com...
>>
>>> We recently upgraded our DCs from Win2003 to Win2008 R2. After the
>>> upgrade, I
>>> started seeing the below errors on our windows server running 2003
>>> SP2.
>>> There is a firewall between the DCs and this server but it was
>>> working
>>> fine
>>> before the upgrade. Are there additional ports that need to be
>>> opened for
>>> Netlogon to function correctly in Win2008 R2?
>>> Event Type: Error
>>> Event Source: Userenv
>>> Event Category: None
>>> Event ID: 1053
>>> Date: 2/3/2010
>>> Time: 10:18:15 PM
>>> User: NT AUTHORITY\SYSTEM
>>> Computer: SERVER1
>>> Description:
>>> Windows cannot determine the user or computer name. (There are no
>>> more
>>> endpoints available from the endpoint mapper. ). Group Policy
>>> processing
>>> aborted.
>>> For more information, see Help and Support Center at
>>> http://go.microsoft.com/fwlink/events.asp.
>>>
>>> Event Type: Error
>>> Event Source: Kerberos
>>> Event Category: None
>>> Event ID: 7
>>> Date: 2/9/2010
>>> Time: 8:10:42 PM
>>> User: N/A
>>> Computer: SERVER1
>>> Description:
>>> The kerberos subsystem encountered a PAC verification failure. This
>>> indicates that the PAC from the client user1 in realm MYDOMAIN.ORG
>>> had a
>>> PAC
>>> which failed to verify or was modified. Contact your system
>>> administrator.
>>> For more information, see Help and Support Center at
>>> http://go.microsoft.com/fwlink/events.asp.
>>> Data:
>>> 0000: 36 00 02 c0 6..À
>>> Event Type: Error
>>> Event Source: NETLOGON
>>> Event Category: None
>>> Event ID: 5719
>>> Date: 2/9/2010
>>> Time: 11:01:20 PM
>>> User: N/A
>>> Computer: SERVER1
>>> Description:
>>> This computer was not able to set up a secure session with a domain
>>> controller in domain MYDOMAIN due to the following:
>>> The remote procedure call was cancelled.
>>> This may lead to authentication problems. Make sure that this
>>> computer is
>>> connected to the network. If the problem persists, please contact
>>> your
>>> domain
>>> administrator.
>>> ADDITIONAL INFO
>>> If this computer is a domain controller for the specified domain, it
>>> sets
>>> up
>>> the secure session to the primary domain controller emulator in the
>>> specified
>>> domain. Otherwise, this computer sets up the secure session to any
>>> domain
>>> controller in the specified domain.
>>> For more information, see Help and Support Center at
>>> http://go.microsoft.com/fwlink/events.asp.
>>> Data:
>>> 0000: 50 00 02 c0 P..À
>>> Event Type: Error
>>> Event Source: NETLOGON
>>> Event Category: None
>>> Event ID: 5783
>>> Date: 2/10/2010
>>> Time: 12:59:43 AM
>>> User: N/A
>>> Computer: SERVER1
>>> Description:
>>> The session setup to the Windows NT or Windows 2000 Domain
>>> Controller
>>> \\DC1.mydomain.org for the domain MYDOMAIN is not responsive. The
>>> current
>>> RPC call from Netlogon on \\SERVER1 to \\DC1.mydomain.org has been
>>> cancelled.
>>> For more information, see Help and Support Center at
>>> http://go.microsoft.com/fwlink/events.asp.
>>>
>>> Event Type: Error
>>> Event Source: Userenv
>>> Event Category: None
>>> Event ID: 1053
>>> Date: 2/4/2010
>>> Time: 10:07:08 PM
>>> User: NT AUTHORITY\SYSTEM
>>> Computer: SERVER1
>>> Description:
>>> Windows cannot determine the user or computer name. (There are no
>>> more
>>> endpoints available from the endpoint mapper. ). Group Policy
>>> processing
>>> aborted.
>>> For more information, see Help and Support Center at
>>> http://go.microsoft.com/fwlink/events.asp.
>>>
>> .
>>
Previous Topic:"Users" and "Computers" objects are not OUs
Next Topic:SPAM
Goto Forum:
  


Current Time: Sat Jan 20 08:29:18 MST 2018

Total time taken to generate the page: 0.02463 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software