You are currently offline, waiting for your internet to reconnect

Cannot Connect in the Active Directory Users and Computers Tool

This article was previously published under Q325641
This article has been archived. It is offered "as is" and will no longer be updated.
If a client that is located behind a domain controller that has only one network adapter uses Active Directory tools such as Active Directory Users and Computers and tries to connect to some multihomed domain controllers, the client may try to connect to both IP addresses for that domain controller. If the connection to one of the IP address does not work, the overall connection attempt does not succeed and the client receives the following error message:
Unable to connect to the domain controller because the server is not operational
The following sample scenario demonstrates this problem:

A client in Des Moines tries to connect to a multihomed domain controller in Honolulu that has 130.x.x.x and 140.x.x.x IP address. Although the Des Moines client is on the 140.x.x.x segment, the client tries to synchronize with both IP addresses. The client connects correctly to the 140.x.x.x address but receives a "Host unreachable" response from the 130.x.x.x attempts because this is not a routable IP address for internal use. The client continually retries to connect to the 130.x.x.x IP address. Eventually, the connection attempt does not succeed, and the client disconnects from the 140.x.x.x address also. This causes the error message to occur.
The Lightweight Directory Access Protocol (LDAP) client retrieves all of the IP addresses for the server from DNS. If there is more than one IP address, the client queries all of them. If one of the connections times out early during the connection, the whole connection attempt does not succeed. There is no additional attempt to retry the other IP address connections.

Service Pack Information

To resolve this problem, obtain the latest service pack for Microsoft Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
260910 How to Obtain the Latest Windows 2000 Service Pack

Hotfix Information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, submit a request to Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site: Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language. The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
   Date         Time   Version         Size       File name   -----------------------------------------------------------   26-Jul-2002  14:27  5.00.2195.5781    123,664  Adsldp.dll          26-Jul-2002  14:27  5.00.2195.5781    131,344  Adsldpc.dll         26-Jul-2002  14:27  5.00.2195.5781     62,736  Adsmsext.dll        26-Jul-2002  14:27  5.00.2195.5940    358,160  Advapi32.dll        26-Jul-2002  14:27  5.00.2195.5265     42,256  Basesrv.dll         26-Jul-2002  14:27  5.00.2195.5855     49,424  Browser.dll         26-Jul-2002  14:27  5.00.2195.5943    135,952  Dnsapi.dll          26-Jul-2002  14:27  5.00.2195.5595     96,016  Dnsrslvr.dll        26-Jul-2002  14:27  5.00.2195.5722     45,328  Eventlog.dll        26-Jul-2002  14:27  5.00.2195.5907    222,992  Gdi32.dll           26-Jul-2002  14:27  5.00.2195.5859    145,680  Kdcsvc.dll          04-Jun-2002  14:31  5.00.2195.5859    199,952  Kerberos.dll        26-Jul-2002  14:27  5.00.2195.4928    708,880  Kernel32.dll        15-Jul-2002  08:52  5.00.2195.5940     71,024  Ksecdd.sys   22-Jul-2002  16:54  5.00.2195.5960    507,152  Lsasrv.dll          22-Jul-2002  16:54  5.00.2195.5960     33,552  Lsass.exe           26-Jul-2002  14:27  5.00.2195.4733    332,560  Msgina.dll          23-Jul-2002  14:27  5.00.2195.5966    108,304  Msv1_0.dll          26-Jul-2002  14:27  5.00.2195.5979    307,472  Netapi32.dll        26-Jul-2002  14:27  5.00.2195.5966    360,720  Netlogon.dll        26-Jul-2002  14:27  5.00.2195.5979    916,752  Ntdsa.dll           26-Jul-2002  14:27  5.00.2195.5966    387,344  Samsrv.dll          26-Jul-2002  14:27  5.00.2195.5951    129,296  Scecli.dll          26-Jul-2002  14:27  5.00.2195.5951    302,864  Scesrv.dll          25-Jun-2001  19:17  3.10               47,808  User.exe            26-Jul-2002  14:27  5.00.2195.5931    379,664  User32.dll          26-Jul-2002  14:27  5.00.2195.5968    369,936  Userenv.dll         26-Jul-2002  14:27  5.00.2195.5859     48,912  W32time.dll         04-Jun-2002  14:32  5.00.2195.5859     57,104  W32tm.exe           17-Jul-2002  11:45  5.00.2195.5948  1,642,416  Win32k.sys   03-May-2002  11:31  5.00.2195.5731    178,960  Winlogon.exe        26-Jul-2002  14:27  5.00.2195.5935    243,472  Winsrv.dll          26-Jul-2002  14:27  5.00.2195.5944    125,712  Wldap32.dll         26-Jul-2002  14:27  5.00.2195.5774     72,976  Wmicore.dll         22-Jul-2002  16:54  5.00.2195.5960    507,664  Lsasrv.dll          26-Jul-2002  14:27  5.00.2195.4928    708,880  Kernel32.dll        26-Jul-2002  14:27  5.00.2195.5948  1,642,416  Win32k.sys   26-Jul-2002  14:27  5.00.2195.5935    243,472  Winsrv.dll       				

Remove the host record for the addresses that are not routable for the multihomed domain controller from DNS.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Microsoft Windows 2000 Service Pack 4.
For additional information about how to obtain a hotfix for Windows 2000 Datacenter Server, click the article number below to view the article in the Microsoft Knowledge Base:
265173 The Datacenter Program and Windows 2000 Datacenter Server Product
For additional information about how to install multiple hotfixes with only one reboot, click the article number below to view the article in the Microsoft Knowledge Base:
296861 Use QChain.exe to Install Multiple Hotfixes with One Reboot

Article ID: 325641 - Last Review: 12/07/2015 11:42:05 - Revision: 3.7

Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Professional Edition

  • kbnosurvey kbarchive kbautohotfix kbhotfixserver kbqfe kbwin2ksp4fix kbdirservices kbbug kbfix kbqfe kbwin2000presp4fix KB325641