DC error?

Skip to first unread message


Feb 4, 2010, 12:23:04 PM2/4/10

We're dealing with the folloving event on some of the domain servers

Windows cannot determine the user or computer name. (The system detected a
possible attempt to compromise security. Please ensure that you can contact
the server that authenticated you. ). Group Policy processing aborted.

We have 3 Win2003 DC's, one of them has been disconected from LAN for 4
days, now it's back on. Since then tihs error apperas. Can anyone please
help or instruct me what to do? No changes have been made to all of the DC.
Do I need to re-sinchronize all DC or sometnig like that?



Ace Fekay [MVP-DS, MCT]

Feb 4, 2010, 2:40:44 PM2/4/10
"Miha" <mi...@positiva.si> wrote in message

Hello Miha,

To better assist, we will need additional info.

Please post an ipconfig /all from each DC. This will allow use to evaluate
any basic configuration issues.

Also post any EventID# errors you see in the event logs of any of the DCs or
other machines you are seeing errors regarding what you posted, or any other
AD communication errors.

Thank you,


This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE &
MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services

If you feel this is an urgent issue and require immediate assistance, please
contact Microsoft PSS directly. Please check http://support.microsoft.com
for regional support phone numbers.

Paul Bergson [MVP-DS]

Feb 5, 2010, 8:43:39 AM2/5/10
Run diagnostics against your Active Directory domain.

If you don't have the support tools installed, install them from your server
install disk.

Run dcdiag, netdiag and repadmin in verbose mode.
-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log (On each dc)
-> repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt
-> ntfrsutl ds your_dc_name > c:\sysvol.log
-> dnslint /ad /s "ip address of your dc"

**Note: Using the /E switch in dcdiag will run diagnostics against ALL dc's
in the forest. If you have significant numbers of DC's this test could
generate significant detail and take a long time. You also want to take into
account slow links to dc's will also add to the testing time.

If you download a gui script I wrote it should be simple to set and run
(DCDiag and NetDiag). It also has the option to run individual tests without
having to learn all the switch options. The details will be output in
notepad text files that pop up automagically.

The script is located on my website at

Just select both dcdiag and netdiag make sure verbose is set. (Leave the
default settings for dcdiag as set when selected)

When complete search for fail, error and warning messages.

Description and download for dnslint

Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009


Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.

"Miha" <mi...@positiva.si> wrote in message

Reply all
Reply to author
0 new messages