LDAP queries fail and you cannot open Active Directory Users and Computers in Windows 2000 (830064)


The information in this article applies to:

  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Server

SYMPTOMS

You may experience one or both of the following symptoms on a Microsoft Windows 2000-based computer:
  • Lightweight Directory Access Protocol (LDAP) queries fail.
  • Domain administrators cannot open Active Directory Users and Computers.

The Winlogon.log file may contain the following information:----Un-initialize configuration engine...
-------------------------------------------
MM/DD/YYYY 13:19:34
Administrative privileged user logged on.
----Configuration engine is initialized successfully.----
----Reading Configuration template info...
----Configure User Rights...
Ignore *S-1-5-32-551.
Ignore *S-1-5-32-544.
Ignore *S-1-5-32-551.
.... There are pending user right changes from downlevel APIs. Some of the account rights are not removed by policy engine.
Configure S-1-5-32-544.
Ignore S-1-5-32-544 because there are pending user right changes for this account from downlevel APIs.
Configure S-1-5-32-551.
Ignore S-1-5-32-551 because there are pending user right changes for this account from downlevel APIs.
Event ID: 116
Description:
Subprocess monitoring failed due to subprocess is no longer active. The subprocess is probably dead. Restarting the process. Error detail: Overlapped I/O operation is in progress.

Event ID: 1003
Description:
Policy change from LSA/SAM can't be saved in the policy storage. Error 5 to save policy change for account S-1-1-0 in the default GPOs. For more debugging information, please look security\logs\scepol.log under Windows root.
Event ID: 1
Description:
The FireDaemon service has started.

CAUSE

This behavior may occur when a virus that uses the FireDaemon program to run as a Windows service infects your computer. The virus changes the default domain controller security policy so that no users have the Access this computer from the network security policy setting in User Rights Assignment.

RESOLUTION

To resolve this behavior, disable the FireDaemon services on your computer. To disable the FireDaemon services, follow these steps:
  1. Right-click My Computer, and then click Manage.
  2. Expand Services and Applications, and then click Services.
  3. Right-click any unwanted FireDaemon service, and then click Properties.

    Note This issue has been reported for the following services:
    • FireDaemon Service: scvhost
    • FireDaemon Service: scvhostlog
    • FireDaemon Service: secure
  4. In the Startup type box, click Disabled, and then click OK.

MORE INFORMATION

For more information about FireDaemon, visit the following Web site:http://www.firedaemon.com/ Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information. The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.
Modification Type:MajorLast Reviewed:1/21/2004
Keywords:kbprb KB830064
©2004 Microsoft Corporation. All rights reserved.