Cannot Connect in the Active Directory Users and Computers Tool

Article translations Article translations
Article ID: 325641 - View products that this article applies to.
This article was previously published under Q325641
Expand all | Collapse all

On This Page

SYMPTOMS

If a client that is located behind a domain controller that has only one network adapter uses Active Directory tools such as Active Directory Users and Computers and tries to connect to some multihomed domain controllers, the client may try to connect to both IP addresses for that domain controller. If the connection to one of the IP address does not work, the overall connection attempt does not succeed and the client receives the following error message:
Unable to connect to the domain controller because the server is not operational
The following sample scenario demonstrates this problem:

A client in Des Moines tries to connect to a multihomed domain controller in Honolulu that has 130.x.x.x and 140.x.x.x IP address. Although the Des Moines client is on the 140.x.x.x segment, the client tries to synchronize with both IP addresses. The client connects correctly to the 140.x.x.x address but receives a "Host unreachable" response from the 130.x.x.x attempts because this is not a routable IP address for internal use. The client continually retries to connect to the 130.x.x.x IP address. Eventually, the connection attempt does not succeed, and the client disconnects from the 140.x.x.x address also. This causes the error message to occur.

CAUSE

The Lightweight Directory Access Protocol (LDAP) client retrieves all of the IP addresses for the server from DNS. If there is more than one IP address, the client queries all of them. If one of the connections times out early during the connection, the whole connection attempt does not succeed. There is no additional attempt to retry the other IP address connections.

RESOLUTION

Service Pack Information

To resolve this problem, obtain the latest service pack for Microsoft Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
260910 How to Obtain the Latest Windows 2000 Service Pack

Hotfix Information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, submit a request to Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language. The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
   Date         Time   Version         Size       File name
   -----------------------------------------------------------
   26-Jul-2002  14:27  5.00.2195.5781    123,664  Adsldp.dll       
   26-Jul-2002  14:27  5.00.2195.5781    131,344  Adsldpc.dll      
   26-Jul-2002  14:27  5.00.2195.5781     62,736  Adsmsext.dll     
   26-Jul-2002  14:27  5.00.2195.5940    358,160  Advapi32.dll     
   26-Jul-2002  14:27  5.00.2195.5265     42,256  Basesrv.dll      
   26-Jul-2002  14:27  5.00.2195.5855     49,424  Browser.dll      
   26-Jul-2002  14:27  5.00.2195.5943    135,952  Dnsapi.dll       
   26-Jul-2002  14:27  5.00.2195.5595     96,016  Dnsrslvr.dll     
   26-Jul-2002  14:27  5.00.2195.5722     45,328  Eventlog.dll     
   26-Jul-2002  14:27  5.00.2195.5907    222,992  Gdi32.dll        
   26-Jul-2002  14:27  5.00.2195.5859    145,680  Kdcsvc.dll       
   04-Jun-2002  14:31  5.00.2195.5859    199,952  Kerberos.dll     

   26-Jul-2002  14:27  5.00.2195.4928    708,880  Kernel32.dll     
   15-Jul-2002  08:52  5.00.2195.5940     71,024  Ksecdd.sys
   22-Jul-2002  16:54  5.00.2195.5960    507,152  Lsasrv.dll       
   22-Jul-2002  16:54  5.00.2195.5960     33,552  Lsass.exe        
   26-Jul-2002  14:27  5.00.2195.4733    332,560  Msgina.dll       
   23-Jul-2002  14:27  5.00.2195.5966    108,304  Msv1_0.dll       
   26-Jul-2002  14:27  5.00.2195.5979    307,472  Netapi32.dll     
   26-Jul-2002  14:27  5.00.2195.5966    360,720  Netlogon.dll     
   26-Jul-2002  14:27  5.00.2195.5979    916,752  Ntdsa.dll        
   26-Jul-2002  14:27  5.00.2195.5966    387,344  Samsrv.dll       
   26-Jul-2002  14:27  5.00.2195.5951    129,296  Scecli.dll       
   26-Jul-2002  14:27  5.00.2195.5951    302,864  Scesrv.dll       
   25-Jun-2001  19:17  3.10               47,808  User.exe         
   26-Jul-2002  14:27  5.00.2195.5931    379,664  User32.dll       
   26-Jul-2002  14:27  5.00.2195.5968    369,936  Userenv.dll      
   26-Jul-2002  14:27  5.00.2195.5859     48,912  W32time.dll      
   04-Jun-2002  14:32  5.00.2195.5859     57,104  W32tm.exe        
   17-Jul-2002  11:45  5.00.2195.5948  1,642,416  Win32k.sys
   03-May-2002  11:31  5.00.2195.5731    178,960  Winlogon.exe     
   26-Jul-2002  14:27  5.00.2195.5935    243,472  Winsrv.dll       
   26-Jul-2002  14:27  5.00.2195.5944    125,712  Wldap32.dll      
   26-Jul-2002  14:27  5.00.2195.5774     72,976  Wmicore.dll      
   22-Jul-2002  16:54  5.00.2195.5960    507,664  Lsasrv.dll       
   26-Jul-2002  14:27  5.00.2195.4928    708,880  Kernel32.dll     
   26-Jul-2002  14:27  5.00.2195.5948  1,642,416  Win32k.sys
   26-Jul-2002  14:27  5.00.2195.5935    243,472  Winsrv.dll       
				

WORKAROUND

Remove the host record for the addresses that are not routable for the multihomed domain controller from DNS.

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Microsoft Windows 2000 Service Pack 4.

MORE INFORMATION

For additional information about how to obtain a hotfix for Windows 2000 Datacenter Server, click the article number below to view the article in the Microsoft Knowledge Base:
265173 The Datacenter Program and Windows 2000 Datacenter Server Product
For additional information about how to install multiple hotfixes with only one reboot, click the article number below to view the article in the Microsoft Knowledge Base:
296861 Use QChain.exe to Install Multiple Hotfixes with One Reboot

Properties

Article ID: 325641 - Last Review: February 20, 2007 - Revision: 3.7
APPLIES TO
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition
Keywords: 
kbautohotfix kbhotfixserver kbqfe kbwin2ksp4fix kbdirservices kbbug kbfix kbqfe kbwin2000presp4fix KB325641

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com