Article ID: 325641 - View products that this article applies to.
This article was previously published under Q325641
If a client that is located behind a domain controller that has only one network adapter uses Active Directory tools such as Active Directory Users and Computers and tries to connect to some multihomed domain controllers, the client may try to connect to both IP addresses for that domain controller. If the connection to one of the IP address does not work, the overall connection attempt does not succeed and the client receives the following error message:
The following sample scenario demonstrates this problem:
Unable to connect to the domain controller because the server is not operational
A client in Des Moines tries to connect to a multihomed domain controller in Honolulu that has 130.x.x.x and 140.x.x.x IP address. Although the Des Moines client is on the 140.x.x.x segment, the client tries to synchronize with both IP addresses. The client connects correctly to the 140.x.x.x address but receives a "Host unreachable" response from the 130.x.x.x attempts because this is not a routable IP address for internal use. The client continually retries to connect to the 130.x.x.x IP address. Eventually, the connection attempt does not succeed, and the client disconnects from the 140.x.x.x address also. This causes the error message to occur.
The Lightweight Directory Access Protocol (LDAP) client retrieves all of the IP addresses for the server from DNS. If there is more than one IP address, the client queries all of them. If one of the connections times out early during the connection, the whole connection attempt does not succeed. There is no additional attempt to retry the other IP address connections.
Service Pack InformationTo resolve this problem, obtain the latest service pack for Microsoft Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/260910/EN-US/ )How to Obtain the Latest Windows 2000 Service Pack
Hotfix InformationA supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem.
If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, submit a request to Microsoft Customer Service and Support to obtain the hotfix.
Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
Date Time Version Size File name ----------------------------------------------------------- 26-Jul-2002 14:27 5.00.2195.5781 123,664 Adsldp.dll 26-Jul-2002 14:27 5.00.2195.5781 131,344 Adsldpc.dll 26-Jul-2002 14:27 5.00.2195.5781 62,736 Adsmsext.dll 26-Jul-2002 14:27 5.00.2195.5940 358,160 Advapi32.dll 26-Jul-2002 14:27 5.00.2195.5265 42,256 Basesrv.dll 26-Jul-2002 14:27 5.00.2195.5855 49,424 Browser.dll 26-Jul-2002 14:27 5.00.2195.5943 135,952 Dnsapi.dll 26-Jul-2002 14:27 5.00.2195.5595 96,016 Dnsrslvr.dll 26-Jul-2002 14:27 5.00.2195.5722 45,328 Eventlog.dll 26-Jul-2002 14:27 5.00.2195.5907 222,992 Gdi32.dll 26-Jul-2002 14:27 5.00.2195.5859 145,680 Kdcsvc.dll 04-Jun-2002 14:31 5.00.2195.5859 199,952 Kerberos.dll 26-Jul-2002 14:27 5.00.2195.4928 708,880 Kernel32.dll 15-Jul-2002 08:52 5.00.2195.5940 71,024 Ksecdd.sys 22-Jul-2002 16:54 5.00.2195.5960 507,152 Lsasrv.dll 22-Jul-2002 16:54 5.00.2195.5960 33,552 Lsass.exe 26-Jul-2002 14:27 5.00.2195.4733 332,560 Msgina.dll 23-Jul-2002 14:27 5.00.2195.5966 108,304 Msv1_0.dll 26-Jul-2002 14:27 5.00.2195.5979 307,472 Netapi32.dll 26-Jul-2002 14:27 5.00.2195.5966 360,720 Netlogon.dll 26-Jul-2002 14:27 5.00.2195.5979 916,752 Ntdsa.dll 26-Jul-2002 14:27 5.00.2195.5966 387,344 Samsrv.dll 26-Jul-2002 14:27 5.00.2195.5951 129,296 Scecli.dll 26-Jul-2002 14:27 5.00.2195.5951 302,864 Scesrv.dll 25-Jun-2001 19:17 3.10 47,808 User.exe 26-Jul-2002 14:27 5.00.2195.5931 379,664 User32.dll 26-Jul-2002 14:27 5.00.2195.5968 369,936 Userenv.dll 26-Jul-2002 14:27 5.00.2195.5859 48,912 W32time.dll 04-Jun-2002 14:32 5.00.2195.5859 57,104 W32tm.exe 17-Jul-2002 11:45 5.00.2195.5948 1,642,416 Win32k.sys 03-May-2002 11:31 5.00.2195.5731 178,960 Winlogon.exe 26-Jul-2002 14:27 5.00.2195.5935 243,472 Winsrv.dll 26-Jul-2002 14:27 5.00.2195.5944 125,712 Wldap32.dll 26-Jul-2002 14:27 5.00.2195.5774 72,976 Wmicore.dll 22-Jul-2002 16:54 5.00.2195.5960 507,664 Lsasrv.dll 26-Jul-2002 14:27 5.00.2195.4928 708,880 Kernel32.dll 26-Jul-2002 14:27 5.00.2195.5948 1,642,416 Win32k.sys 26-Jul-2002 14:27 5.00.2195.5935 243,472 Winsrv.dll
Remove the host record for the addresses that are not routable for the multihomed domain controller from DNS.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Microsoft Windows 2000 Service Pack 4.
For additional information about how to obtain a hotfix for Windows 2000 Datacenter Server, click the article number below to view the article in the Microsoft Knowledge Base:
265173For additional information about how to install multiple hotfixes with only one reboot, click the article number below to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/265173/EN-US/ )The Datacenter Program and Windows 2000 Datacenter Server Product
(http://support.microsoft.com/kb/296861/EN-US/ )Use QChain.exe to Install Multiple Hotfixes with One Reboot
Article ID: 325641 - Last Review: February 20, 2007 - Revision: 3.7