Help and Support

Error Messages When Windows 2000 Client in Windows 2000 Domain Attempts to Open Active Directory Snap-in

View products that this article applies to.
Article ID:261203
Last Review:February 28, 2007
Revision:3.2
This article was previously published under Q261203

SYMPTOMS

A Windows 2000 client in a Windows 2000 domain may not be able to open any Active Directory snap-ins. When the client attempts to open a snap-in, the following error messages may be displayed:
Active Directory Domains and Trusts: "The configuration information describing this enterprise is not available. Unspecified error."

Active Directory Sites and Services: "Naming information cannot be located because: Unspecified error. Contact your system administrator to verify that your domain is properly configured and is currently online."

Active Directory Users and Computers: "Naming information cannot be located because: Unspecified error. Contact your system administrator to verify that your domain is properly configured and is currently online."

Certification Authority: "The specified service does not exist as an installed service. 0x424 (1060)"
This problem can occur if the domain controller is running Routing and Remote Access (RRAS) with Network Address Translation (NAT) configured, or if the client is running Internet Connection Sharing (ICS).

Back to the top

CAUSE

This behavior occurs because of the H.323/Lightweight Directory Access Protocol (LDAP) proxy service that is included with NAT and ICS. The proxy misinterprets the query and causes the TCP reset.

The H.323/LDAP proxy service allows NAT/ICS clients to participate in H.323 and Microsoft NetMeeting conference calls and register themselves with an Internet Locator Service (ILS) server using LDAP from behind the NAT/ICS router.

The root cause of these error messages is that the LDAP proxy that is incorporated into NAT has a hard-coded limit of 64 KB on the LDAP protocol data unit (PDU) size. When domain-related LDAP traffic (which is often 300 KB or more in size) exceeds this limit, the H.323/LDAP proxy resets the connection.

Back to the top

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
260910 (http://support.microsoft.com/kb/260910/EN-US/) How to Obtain the Latest Windows 2000 Service Pack

Back to the top

WORKAROUND

To work around this issue if you are using RRAS and NAT, use either of the following methods:
After the server is started, stop and restart the RRAS service. This resolves the issue until the next time you restart the computer.
A more permanent solution is to turn off the LDAP proxy (this action also turns off the H.323 proxy support). To turn off the LDAP proxy, type the following command at a command prompt:
netsh routing ip nat delete h323
For ICS users, you must implement RRAS in place of ICS because it is not possible to disable the LDAP proxy in ICS. If you need to turn the H.323 proxy back on, type the following command at a command prompt:
netsh routing ip nat add h323
NOTE: This action enables the LDAP proxy again, which results in the error message.

Back to the top

STATUS

Microsoft has confirmed that this is a problem in Microsoft Windows 2000.

This problem was first corrected in Windows 2000 Service Pack 1.

Back to the top

APPLIES TO
Microsoft Windows 2000 Server
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Professional Edition

Back to the top

Keywords: 
kbbug kbenv kberrmsg kbfix kbwin2000sp1fix KB261203

Back to the top

Article Translations

 

Related Support Centers

Other Support Options

  • Contact Microsoft
    Phone Numbers, Support Options and Pricing, Online Help, and more.
  • Customer Service
    For non-technical assistance with product purchases, subscriptions, online services, events, training courses, corporate sales, piracy issues, and more.
  • Newsgroups
    Pose a question to other users. Discussion groups and Forums about specific Microsoft products, technologies, and services.