You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: support/windows-server/windows-security/troubleshoot-netlogon-service-startup-failures.md
+37-38Lines changed: 37 additions & 38 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -187,54 +187,53 @@ Validate the service permissions within the registry are set to appropriate valu
187
187
188
188
## Additional symptoms
189
189
190
-
Other services, such as the Windows Time Service or the Group Policy Service might report failed operations due to the Netlogon service not being started:
190
+
1.Other services, such as the Windows Time Service or the Group Policy Service might report failed operations due to the Netlogon service not being started:
191
191
192
-
> Log Name: System
193
-
> Source: Microsoft-Windows-Time-Service
194
-
> Event ID: 159
195
-
> Level: Warning
196
-
> Description: W32time is unable to communicate with Netlogon Service. This failure prevents NTPClient from discovering and using domain peers, besides causing problems with correct W32time service state being advertised by Netlogon. This could be a temporary condition that resolves itself shortly. If this warning repeats over a considerable period of time, ensure the Netlogon service is running and is responsive and restart W32time service to reintiaize the overall state. The error was 0x80070700: An attempt was made to logon, but the network logon service was not started.
192
+
> Log Name: System
193
+
> Source: Microsoft-Windows-Time-Service
194
+
> Event ID: 159
195
+
> Level: Warning
196
+
> Description: W32time is unable to communicate with Netlogon Service. This failure prevents NTPClient from discovering and using domain peers, besides causing problems with correct W32time service state being advertised by Netlogon. This could be a temporary condition that resolves itself shortly. If this warning repeats over a considerable period of time, ensure the Netlogon service is running and is responsive and restart W32time service to reintiaize the overall state. The error was 0x80070700: An attempt was made to logon, but the network logon service was not started.
197
197
198
-
> Log Name: System
199
-
> Source: Microsoft-Windows-Time-Service
200
-
> Event ID: 130
201
-
> Level: Warning
202
-
> Description: NtpClient was unable to set a domain peer to use as a time source because of failure in establishing a trust relationship between this computer and the 'litware.com' domain in order to securely synchronize time. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: The RPC server is unavailable. (0x800706BA)
198
+
> Log Name: System
199
+
> Source: Microsoft-Windows-Time-Service
200
+
> Event ID: 130
201
+
> Level: Warning
202
+
> Description: NtpClient was unable to set a domain peer to use as a time source because of failure in establishing a trust relationship between this computer and the 'litware.com' domain in order to securely synchronize time. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: The RPC server is unavailable. (0x800706BA)
203
203
204
-
> Log Name: System
205
-
> Source: Microsoft-Windows-GroupPolicy
206
-
> Event ID: 1110
207
-
> Level: Error
208
-
> Description: The processing of Group Policy failed. Windows could not determine if the user and computer accounts are in the same forest. Ensure the user domain name matches the name of a trusted domain that resides in the same forest as the computer account.
204
+
> Log Name: System
205
+
> Source: Microsoft-Windows-GroupPolicy
206
+
> Event ID: 1110
207
+
> Level: Error
208
+
> Description: The processing of Group Policy failed. Windows could not determine if the user and computer accounts are in the same forest. Ensure the user domain name matches the name of a trusted domain that resides in the same forest as the computer account.
209
209
210
-
Management or other operations relying on the Netlogon service also fail:
210
+
2.Management or other operations relying on the Netlogon service also fail when the Netlogon service not being started:
211
211
212
-
```console
213
-
nltest /sc_query:litware.com
212
+
```console
213
+
nltest /sc_query:litware.com
214
214
215
-
I_NetLogonControl failed: Status = 1722 0x6ba RPC_S_SERVER_UNAVAILABLE
216
-
```
215
+
I_NetLogonControl failed: Status = 1722 0x6ba RPC_S_SERVER_UNAVAILABLE
216
+
```
217
217
218
-
```console
219
-
net use \\192.168.1.11 /user:litware\administrator
220
-
221
-
System error 1792 has occurred.
218
+
```console
219
+
net use \\192.168.1.11 /user:litware\administrator
222
220
223
-
An attempt was made to logon, but the network logon service was not started.
224
-
```
221
+
System error 1792 has occurred.
225
222
226
-
Domain controller locator fails to locate a domain controller with error 1355 or "The specified domain either doesn't exist or couldn't be contacted".
223
+
An attempt was made to logon, but the network logon service was not started.
224
+
```
227
225
228
-
Domain trust relationships might fail if all reachable domain controllers have their Netlogon services stopped:
226
+
3.Domain controller locator fails to locate a domain controller with error 1355 or "The specified domain either doesn't exist or couldn't be contacted".
229
227
230
-
> Log Name: System
231
-
> Source: NETLOGON
232
-
> Event ID: 5719
233
-
> Level: Error
234
-
> Description: This computer was not able to set up a secure session with a domain controller in domain \<DOMAIN\> due to the following:
235
-
> We can't sign you in with this credential because your domain isn't available. Make sure your device is connected to your organization's network and try again. If you previously signed in on this device with another credential, you can sign in with that credential.
236
-
> This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.
228
+
4. Domain trust relationships might fail if all reachable domain controllers have their Netlogon services stopped:
237
229
238
-
## More information
230
+
> Log Name: System
231
+
> Source: NETLOGON
232
+
> Event ID: 5719
233
+
> Level: Error
234
+
> Description: This computer was not able to set up a secure session with a domain controller in domain \<DOMAIN\> due to the following:
235
+
> We can't sign you in with this credential because your domain isn't available. Make sure your device is connected to your organization's network and try again. If you previously signed in on this device with another credential, you can sign in with that credential.
236
+
> This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.
239
237
240
-
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
238
+
> [!NOTE]
239
+
> If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.
0 commit comments