You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: support/windows-server/windows-security/troubleshoot-netlogon-service-startup-failures.md
+45-10Lines changed: 45 additions & 10 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -105,7 +105,7 @@ Netlogon startup failures (or any dependent service start failures) might requir
105
105
106
106
The following sections describe some event log errors that indicate that Netlogon failed to start.
107
107
108
-
###Symptom 1
108
+
## Symptom 1
109
109
110
110
A dependent service doesn't start:
111
111
@@ -116,7 +116,7 @@ A dependent service doesn't start:
116
116
> Description: The Netlogon service depends on the \<SERVICE NAME\> service which failed to start because of the following error:
117
117
> The dependency service or group failed to start.
118
118
119
-
####Resolution
119
+
### Resolution
120
120
121
121
Inspect the dependent services to determine which services failed to start. Verify that the services have a correct service startup configuration using the Services MMC snap-in to view and modify the service configuration.
122
122
@@ -128,7 +128,7 @@ In the following example, the Workstation service is configured with a **Disable
128
128
129
129
Setting the **Startup type** to **Automatic** and starting the service restore the Workstation service operation.
130
130
131
-
###Symptom 2
131
+
## Symptom 2
132
132
133
133
A nonexistent or invalid service is defined for the Netlogon service or a dependent service:
134
134
@@ -138,7 +138,7 @@ A nonexistent or invalid service is defined for the Netlogon service or a depend
138
138
> Level: Error
139
139
> Description: The Netlogon service depends on the following service: \<MISSING OR INVALID SERVICE\>. This service might not be installed.
140
140
141
-
####Resolution
141
+
### Resolution
142
142
143
143
An invalid service might be configured in the **DependOnService** registry value of the Netlogon service, or the service referenced in this value might be missing as an installed service. In the following example, the Netlogon service on a member server failed to start because it can't validate a dependent service.
144
144
@@ -154,7 +154,7 @@ Remove the offending entry found within the **DependOnService** registry value:
154
154
155
155
:::image type="content" source="media/troubleshoot-netlogon-service-startup-failures/remove-entry-from-depend-on-service-registry-value.png" alt-text="Screenshot showing how to remove an entry from the DependOnService registry value.":::
156
156
157
-
###Symptom 3
157
+
## Symptom 3
158
158
159
159
An invalid or missing service Dynamic Linked Library (DLL) specified causes a dependent service not to start:
160
160
@@ -169,13 +169,13 @@ When you try to start the Netlogon service by using the Services MMC, the follow
169
169
170
170
> Windows could not start the Netlogon service on Local Computer. Error 126: The specified module could not be found.
171
171
172
-
####Resolution
172
+
### Resolution
173
173
174
174
Each service application must successfully initialize DLLs in order to function. To resolve this issue, perform a system file scan by using the System File Checker (**SFC.exe**) tool, restore the missing DLLs from a backup, or repair or a reinstall the operating system.
175
175
176
176
For more information, see [Use the System File Checker tool to repair missing or corrupted system files](https://support.microsoft.com/topic/use-the-system-file-checker-tool-to-repair-missing-or-corrupted-system-files-79aa86cb-ca52-166a-92a3-966e85d4094e).
177
177
178
-
###Symptom 4
178
+
## Symptom 4
179
179
180
180
An invalid or missing service executable specified causes a dependent service not to start:
181
181
@@ -190,20 +190,55 @@ When you try to start the Netlogon service by using Services MMC, the following
190
190
191
191
> Windows could not start the Netlogon service on Local Computer. Error 2: The system cannot find the file specified.
192
192
193
-
####Resolution
193
+
### Resolution
194
194
195
195
When viewing service properties via the Services MMC, validate that the services that failed to start have a valid value configured in the **Path to executable** field. Or, validate that the **ImagePath** value is correct in the registry for the affected services.
196
196
197
-
###Symptom 5
197
+
## Symptom 5
198
198
199
199
The Netlogon service reports that the service entered the stopped state during system boot. When you try to manually start the service, the following error message is displayed:
200
200
201
201
> The Netlogon service on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs.
202
202
203
-
####Resolution
203
+
### Resolution
204
204
205
205
Validate that the service permissions within the registry are set to the appropriate values. Permissions vary based on the system role, such as, DCs versus workstations or member servers. Ensure that no entries specify a **Deny** permission for **SYSTEM** or **Administrators**. By default, registry permissions are inherited from the parent registry key and the owner is configured as **SYSTEM**.
206
206
207
+
## Symptom 6
208
+
209
+
The Netlogon is started successfully, but the service status is reported as not started or as paused. For domain members, the status can be set by administrators by running `Net pause netlogon` and `Net continue netlogon`. In services.msc snap-in, the services is displayed as the following:
210
+
211
+
:::image type="content" source="media/troubleshoot-netlogon-service-startup-failures/screenshot-of-the-netlogon-services-status.png" alt-text="Screenshot of the Netlogon services status.":::
212
+
213
+
You can also view the status in services.msc on DCs.
214
+
215
+
> [!NOTE]
216
+
> When the Netlogon service is paused, the DC does not respond to DC Locator requests (on LDAP port UDP/389). The computer is then not used for NTLM authentication or new Kerberos tickets.
217
+
218
+
### Resolution
219
+
220
+
The Netlogon services on DCs might be paused because of configuration problems. The Netlogon.log contains the entries about the causes:
221
+
222
+
-> Netlogon Service Paused
223
+
224
+
The Netlogon service is paused by an administrator.
225
+
226
+
-> NlInit: DS is paused
227
+
228
+
The Directory serivce is paused.
229
+
230
+
-> Waiting for RPCSS
231
+
232
+
RPC Subsystem startup pending.
233
+
234
+
-> SysVol not ready
235
+
236
+
The DFSR Initial replication not completed.
237
+
238
+
The last condition can be caused if the DFSR replication engine does not signal that the initial replication of SYSVOL has worked and is good to be shared. Therefore, The Netlogon service is in the paused status until the replication is completed, and only shares SYSVOL and Netlogon after the replication is completed.
239
+
240
+
To troubleshoot this issue, see [Troubleshoot missing SYSVOL and Netlogon shares for Distributed File System (DFS) Replication](../networking/troubleshoot-missing-sysvol-and-netlogon-shares.md)
241
+
207
242
## Additional symptoms
208
243
209
244
1. Other services, such as the Windows Time Service or the Group Policy Service might report failed operations due to the Netlogon service not being started:
0 commit comments