| Author |
Message |
Nigel.UK.
Guest
|
 Posted:
Wed Oct 12, 2005 8:50 pm Post subject:
DNS Kerebos SmartCard ERROR messages |
|
|
I do not use smartcard on my system. Can I avoid startup error meesages and
event error messages in DNS, active directory service and others without an
external certificate?
Apparently DNS cannot access active directory, but IE and file browsing
works ok. |
|
| Back to top |
|
 |
Todd J Heron
Guest
|
| Posted:
Thu Oct 13, 2005 12:51 am Post subject:
Re: DNS Kerebos SmartCard ERROR messages |
|
|
"Nigel.UK." <NigelUK@discussions.microsoft.com> wrote in message...
[quote]I do not use smartcard on my system. Can I avoid startup error messages and
event error messages in DNS, active directory >service and others without
an external certificate? Apparently DNS cannot access active directory, but
IE and file browsing
works ok.
[/quote]
Point your DNS server to itself under TCP/IP properties, not to your ISP's
DNS server.
--
Todd J Heron, MCSE
Windows Server 2003/2000/NT; CCA
----------------------------------------------------------------------------
This posting is provided "as is" with no warranties and confers no rights |
|
| Back to top |
|
|
Nigel.UK.
Guest
|
| Posted:
Thu Oct 13, 2005 8:50 am Post subject:
Re: DNS Kerebos SmartCard ERROR messages |
|
|
Many thanks. I apologise for my ignorance but how do I do what you suggest?
When I open dnsmgmt and Configure a DNS Server I arrive at the message the
zone already exists or if I try another way to enter the local iP address in
the forward server I reach "invalid address"
best wishes
nigel
"Todd J Heron" wrote:
[quote]"Nigel.UK." <NigelUK@discussions.microsoft.com> wrote in message...
I do not use smartcard on my system. Can I avoid startup error messages and
event error messages in DNS, active directory >service and others without
an external certificate? Apparently DNS cannot access active directory, but
IE and file browsing
works ok.
Point your DNS server to itself under TCP/IP properties, not to your ISP's
DNS server.
--
Todd J Heron, MCSE
Windows Server 2003/2000/NT; CCA
----------------------------------------------------------------------------
This posting is provided "as is" with no warranties and confers no rights
[/quote] |
|
| Back to top |
|
|
Nigel.UK.
Guest
|
| Posted:
Thu Oct 13, 2005 12:50 pm Post subject:
Re: DNS Kerebos SmartCard ERROR messages |
|
|
Thanks Kevin. If they can be ignored, can I stop them appearing so that only
"real" problems bring up the alert on start-up?
best wishes
nigel
"Kevin D. Goodknecht Sr. [MVP]" wrote:
| Quote: | Nigel.UK. <NigelUK@discussions.microsoft.com> wrote:
I do not use smartcard on my system. Can I avoid startup error
meesages and event error messages in DNS, active directory service
and others without an external certificate?
Apparently DNS cannot access active directory, but IE and file
browsing works ok.
Start up errors are common if you only have one DC. They are caused by a
catch22 situation, Active Directory needs DNS in order to start, so when DNS
starts AD has not started yet. Therefore, the zones that are stored in AD
cannot be loaded because AD has not started.
You may also see 40960 and 40961 events at start up, if they are to an
external DNS server it is usually because you don't have a zone it is trying
to make a secure connection to, usually these events say it is trying to
make a secure connection to prisoner.iana.org. Creating a reverse lookup
zone3 stops these. If the events show its own name, it is usually caused
because the time service has not started, you can ignore those.
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
|
|
|
| Back to top |
|
|
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Thu Oct 13, 2005 12:50 pm Post subject:
Re: DNS Kerebos SmartCard ERROR messages |
|
|
Nigel.UK. <NigelUK@discussions.microsoft.com> wrote:
| Quote: | I do not use smartcard on my system. Can I avoid startup error
meesages and event error messages in DNS, active directory service
and others without an external certificate?
Apparently DNS cannot access active directory, but IE and file
browsing works ok.
|
Start up errors are common if you only have one DC. They are caused by a
catch22 situation, Active Directory needs DNS in order to start, so when DNS
starts AD has not started yet. Therefore, the zones that are stored in AD
cannot be loaded because AD has not started.
You may also see 40960 and 40961 events at start up, if they are to an
external DNS server it is usually because you don't have a zone it is trying
to make a secure connection to, usually these events say it is trying to
make a secure connection to prisoner.iana.org. Creating a reverse lookup
zone3 stops these. If the events show its own name, it is usually caused
because the time service has not started, you can ignore those.
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Fri Oct 14, 2005 8:50 pm Post subject:
Re: DNS Kerebos SmartCard ERROR messages |
|
|
Nigel.UK. <NigelUK@discussions.microsoft.com> wrote:
| Quote: | Thanks Kevin. If they can be ignored, can I stop them appearing so
that only "real" problems bring up the alert on start-up?
best wishes
nigel
|
It depends on exactly what errors you are talking about. There are several
start up errors that can be worked around.
What are your start up event errors?
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
Nigel.UK.
Guest
|
| Posted:
Mon Oct 17, 2005 8:51 am Post subject:
Re: DNS Kerebos SmartCard ERROR messages |
|
|
The first startup message comes before log in:
"At least one service or driver failed during system startup. Use Event
Viewer to examine the event log for details"
The Event Viewer has 6 categories:
1. Application
Warning WinMgmt Event ID 5603 A provider, PerfProv, has been registered in
the WMI namespace ROOT\C1MV2\MicrosoftHealthMonitor\PerfMon did not specify
the HostingModel property.
Warning EventID 2003 The configuartion information of the performance
library "C:\windows\system32\infoctrs.dll" for the "InetInfo" service does
not match the trusted performnance library information stored in the registry.
ERROR Event ID 1008 The open Procedure for service "WMServer" in DLL
"C:\windows\system32\WMSPerf.dll" failed.
2. Security
no events
3. System
Warning KDC Event ID 20 The currently selected KDC certificate was oncevalid
but now is invalid and no suitable replacement was found.
ERROR KDC Event ID 7022 The Kerebos KDC service hung on starting.
4. Directory Service
Warning NTDS Replication Event ID 2089 The directory partition has not been
backed up since at least the following number of days
interval 30 days
5. DNS Server
ERROR Event ID 4015 The DNS server has encountered a critical error from the
Active Directory. Check that the Active Directory is functioning properly
Error event ID 4004 The DNS Server was unable to complete directory service
enumeratuion of zone ...
This event ERROR occurs four times
6. File Replication Service
no events
"Kevin D. Goodknecht Sr. [MVP]" wrote:
| Quote: | Nigel.UK. <NigelUK@discussions.microsoft.com> wrote:
Thanks Kevin. If they can be ignored, can I stop them appearing so
that only "real" problems bring up the alert on start-up?
best wishes
nigel
It depends on exactly what errors you are talking about. There are several
start up errors that can be worked around.
What are your start up event errors?
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
|
|
|
| Back to top |
|
|
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Tue Oct 18, 2005 8:50 am Post subject:
Re: DNS Kerebos SmartCard ERROR messages |
|
|
Nigel.UK. <NigelUK@discussions.microsoft.com> wrote:
| Quote: | The first startup message comes before log in:
"At least one service or driver failed during system startup. Use
Event Viewer to examine the event log for details"
The Event Viewer has 6 categories:
1. Application
Warning WinMgmt Event ID 5603 A provider, PerfProv, has been
registered in the WMI namespace
ROOT\C1MV2\MicrosoftHealthMonitor\PerfMon did not specify the
HostingModel property.
|
http://www.eventid.net/display.asp?eventid=5603&eventno=4431&source=WinMgmt&phase=1
| Quote: |
Warning EventID 2003 The configuartion information of the performance
library "C:\windows\system32\infoctrs.dll" for the "InetInfo" service
does not match the trusted performnance library information stored in
the registry.
|
http://www.eventid.net/display.asp?eventid=2003&eventno=705&source=Perflib&phase=1
| Quote: |
ERROR Event ID 1008 The open Procedure for service "WMServer" in DLL
"C:\windows\system32\WMSPerf.dll" failed.
|
http://www.eventid.net/display.asp?eventid=1008&eventno=70&source=Perflib&phase=1
| Quote: |
2. Security
no events
3. System
Warning KDC Event ID 20 The currently selected KDC certificate was
oncevalid but now is invalid and no suitable replacement was found.
|
http://www.eventid.net/display.asp?eventid=20&eventno=3396&source=KDC&phase=1
Did you have an External CA Certificate on this erver?
| Quote: |
ERROR KDC Event ID 7022 The Kerebos KDC service hung on starting.
4. Directory Service
Warning NTDS Replication Event ID 2089 The directory partition has
not been backed up since at least the following number of days
interval 30 days
|
http://www.eventid.net/display.asp?eventid=2089&eventno=6024&source=NTDS%20Replication&phase=1
| Quote: |
5. DNS Server
ERROR Event ID 4015 The DNS server has encountered a critical error
from the Active Directory. Check that the Active Directory is
functioning properly
Error event ID 4004 The DNS Server was unable to complete directory
service enumeratuion of zone ...
This event ERROR occurs four times
|
These two errors are common at start up if yo only have one DC and you use
AD integrated zones, you can change the zone to standard primary to stop
this event but you lose security in doing this. Ignore these errors if the
only occur at start up or install another DC.
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
Nigel.UK.
Guest
|
| Posted:
Tue Oct 18, 2005 12:50 pm Post subject:
Re: DNS Kerebos SmartCard ERROR messages |
|
|
I have removed administrator from health monitor
I have uninstalled and reinstalled IIS
event 1008 Perflib I have yet to tackle
The RPC locator was set to automatic
i have run sucessfully certutil -dcinfo deleteBad
(I did not have an external certificate as far as I know)
I have tried a backup unsuccessfully and will retry later
DNS server errors: Can I stop these from appearing?
Many thanks for your advice which has been most helpful
"Kevin D. Goodknecht Sr. [MVP]" wrote:
| Quote: | Nigel.UK. <NigelUK@discussions.microsoft.com> wrote:
The first startup message comes before log in:
"At least one service or driver failed during system startup. Use
Event Viewer to examine the event log for details"
The Event Viewer has 6 categories:
1. Application
Warning WinMgmt Event ID 5603 A provider, PerfProv, has been
registered in the WMI namespace
ROOT\C1MV2\MicrosoftHealthMonitor\PerfMon did not specify the
HostingModel property.
http://www.eventid.net/display.asp?eventid=5603&eventno=4431&source=WinMgmt&phase=1
Warning EventID 2003 The configuartion information of the performance
library "C:\windows\system32\infoctrs.dll" for the "InetInfo" service
does not match the trusted performnance library information stored in
the registry.
http://www.eventid.net/display.asp?eventid=2003&eventno=705&source=Perflib&phase=1
ERROR Event ID 1008 The open Procedure for service "WMServer" in DLL
"C:\windows\system32\WMSPerf.dll" failed.
http://www.eventid.net/display.asp?eventid=1008&eventno=70&source=Perflib&phase=1
2. Security
no events
3. System
Warning KDC Event ID 20 The currently selected KDC certificate was
oncevalid but now is invalid and no suitable replacement was found.
http://www.eventid.net/display.asp?eventid=20&eventno=3396&source=KDC&phase=1
Did you have an External CA Certificate on this erver?
ERROR KDC Event ID 7022 The Kerebos KDC service hung on starting.
4. Directory Service
Warning NTDS Replication Event ID 2089 The directory partition has
not been backed up since at least the following number of days
interval 30 days
http://www.eventid.net/display.asp?eventid=2089&eventno=6024&source=NTDS%20Replication&phase=1
5. DNS Server
ERROR Event ID 4015 The DNS server has encountered a critical error
from the Active Directory. Check that the Active Directory is
functioning properly
Error event ID 4004 The DNS Server was unable to complete directory
service enumeratuion of zone ...
This event ERROR occurs four times
These two errors are common at start up if yo only have one DC and you use
AD integrated zones, you can change the zone to standard primary to stop
this event but you lose security in doing this. Ignore these errors if the
only occur at start up or install another DC.
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
|
|
|
| Back to top |
|
|
Nigel.UK.
Guest
|
| Posted:
Tue Oct 18, 2005 4:50 pm Post subject:
Re: DNS Kerebos SmartCard ERROR messages |
|
|
Further to my earlier message I have now shut down restarted. the error
messages have Gone! hurrah for that, and many thanks indeed, but the reason i
think i could not backup system files is because volume shadow service is not
working Event ID 12289 Volume shadow copy service warning
GetVolumeInformationW. .... NULL.o,NULL.NULL.... hr=0x00000000
any ideas on this one Kevin?
regards
nigel
"Kevin D. Goodknecht Sr. [MVP]" wrote:
| Quote: | Nigel.UK. <NigelUK@discussions.microsoft.com> wrote:
The first startup message comes before log in:
"At least one service or driver failed during system startup. Use
Event Viewer to examine the event log for details"
The Event Viewer has 6 categories:
1. Application
Warning WinMgmt Event ID 5603 A provider, PerfProv, has been
registered in the WMI namespace
ROOT\C1MV2\MicrosoftHealthMonitor\PerfMon did not specify the
HostingModel property.
http://www.eventid.net/display.asp?eventid=5603&eventno=4431&source=WinMgmt&phase=1
Warning EventID 2003 The configuartion information of the performance
library "C:\windows\system32\infoctrs.dll" for the "InetInfo" service
does not match the trusted performnance library information stored in
the registry.
http://www.eventid.net/display.asp?eventid=2003&eventno=705&source=Perflib&phase=1
ERROR Event ID 1008 The open Procedure for service "WMServer" in DLL
"C:\windows\system32\WMSPerf.dll" failed.
http://www.eventid.net/display.asp?eventid=1008&eventno=70&source=Perflib&phase=1
2. Security
no events
3. System
Warning KDC Event ID 20 The currently selected KDC certificate was
oncevalid but now is invalid and no suitable replacement was found.
http://www.eventid.net/display.asp?eventid=20&eventno=3396&source=KDC&phase=1
Did you have an External CA Certificate on this erver?
ERROR KDC Event ID 7022 The Kerebos KDC service hung on starting.
4. Directory Service
Warning NTDS Replication Event ID 2089 The directory partition has
not been backed up since at least the following number of days
interval 30 days
http://www.eventid.net/display.asp?eventid=2089&eventno=6024&source=NTDS%20Replication&phase=1
5. DNS Server
ERROR Event ID 4015 The DNS server has encountered a critical error
from the Active Directory. Check that the Active Directory is
functioning properly
Error event ID 4004 The DNS Server was unable to complete directory
service enumeratuion of zone ...
This event ERROR occurs four times
These two errors are common at start up if yo only have one DC and you use
AD integrated zones, you can change the zone to standard primary to stop
this event but you lose security in doing this. Ignore these errors if the
only occur at start up or install another DC.
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
|
|
|
| Back to top |
|
|
Nigel.UK.
Guest
|
| Posted:
Thu Oct 20, 2005 12:50 pm Post subject:
Re: DNS Kerebos SmartCard ERROR messages |
|
|
Hi Kevin. Just a thank you . No error messages at all now. wonderful!
Also, the Vss shadow copy problem is solved using regsvr32 /i swprv.dll
"Kevin D. Goodknecht Sr. [MVP]" wrote:
| Quote: | Nigel.UK. <NigelUK@discussions.microsoft.com> wrote:
The first startup message comes before log in:
"At least one service or driver failed during system startup. Use
Event Viewer to examine the event log for details"
The Event Viewer has 6 categories:
1. Application
Warning WinMgmt Event ID 5603 A provider, PerfProv, has been
registered in the WMI namespace
ROOT\C1MV2\MicrosoftHealthMonitor\PerfMon did not specify the
HostingModel property.
http://www.eventid.net/display.asp?eventid=5603&eventno=4431&source=WinMgmt&phase=1
Warning EventID 2003 The configuartion information of the performance
library "C:\windows\system32\infoctrs.dll" for the "InetInfo" service
does not match the trusted performnance library information stored in
the registry.
http://www.eventid.net/display.asp?eventid=2003&eventno=705&source=Perflib&phase=1
ERROR Event ID 1008 The open Procedure for service "WMServer" in DLL
"C:\windows\system32\WMSPerf.dll" failed.
http://www.eventid.net/display.asp?eventid=1008&eventno=70&source=Perflib&phase=1
2. Security
no events
3. System
Warning KDC Event ID 20 The currently selected KDC certificate was
oncevalid but now is invalid and no suitable replacement was found.
http://www.eventid.net/display.asp?eventid=20&eventno=3396&source=KDC&phase=1
Did you have an External CA Certificate on this erver?
ERROR KDC Event ID 7022 The Kerebos KDC service hung on starting.
4. Directory Service
Warning NTDS Replication Event ID 2089 The directory partition has
not been backed up since at least the following number of days
interval 30 days
http://www.eventid.net/display.asp?eventid=2089&eventno=6024&source=NTDS%20Replication&phase=1
5. DNS Server
ERROR Event ID 4015 The DNS server has encountered a critical error
from the Active Directory. Check that the Active Directory is
functioning properly
Error event ID 4004 The DNS Server was unable to complete directory
service enumeratuion of zone ...
This event ERROR occurs four times
These two errors are common at start up if yo only have one DC and you use
AD integrated zones, you can change the zone to standard primary to stop
this event but you lose security in doing this. Ignore these errors if the
only occur at start up or install another DC.
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
|
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in