You cannot log on to a domain controller from a Windows 2000 Terminal server in a WINS environment (840689)


The information in this article applies to:

  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Server

SYMPTOMS

When you try to log on to a domain controller from a Microsoft Windows 2000 Server-based computer that has Terminal Services enabled, the operation is unsuccessful. Additionally, your roaming profile may not be loaded, and your home drive may not be mapped.

CAUSE

A Windows 2000 Terminal server depends on NetBIOS name resolution to locate a domain controller and to find these attributes on the user account. The issue that is described in the "Symptoms" section occurs if Windows Internet Name Service (WINS) is not configured, and therefore the Terminal server cannot reach a domain controller through a broadcast.

RESOLUTION

To resolve this issue, use one of the following methods.

Method 1

Set up and install WINS, and make sure that all domain controllers are registered. If WINS is already installed, follow these steps on the Terminal server and on the domain controllers:
  1. Click Start, and then click Run.
  2. Type nbtstat -RR, and then press ENTER.

Method 2

Install an LMHOSTS file on the Terminal server if you cannot configure WINS in your environment. For additional information about how to create an LMHOSTS file and add a domain name, click the following article number to view the article in the Microsoft Knowledge Base:

180094 How to write an LMHOSTS file for domain validation and other name resolution issues

MORE INFORMATION

When this issue occurs, the following information is logged to the Userenv.log file on the Terminal server:

USERENV(f00.8d0) 16:17:33:171 =========================================================
USERENV(f00.8d0) 16:17:33:187 LoadUserProfile: Entering, hToken = <0xa4>, lpProfileInfo = 0x6f64c
USERENV(f00.8d0) 16:17:33:187 LoadUserProfile: Entering, hToken = <0xa4>, lpProfileInfo = 0x6f64c
USERENV(f00.8d0) 16:17:33:187 LoadUserProfile: lpProfileInfo->dwFlags = <0x0>
USERENV(f00.8d0) 16:17:33:203 LoadUserProfile: lpProfileInfo->lpUserName = <user>
USERENV(f00.8d0) 16:17:33:203 LoadUserProfile: NULL central profile path
USERENV(f00.8d0) 16:17:33:218 LoadUserProfile: lpProfileInfo->lpDefaultPath = <\\ROOTDC\netlogon\Default User>
USERENV(f00.8d0) 16:17:33:218 LoadUserProfile: NULL server name

If you monitor the network traffic from the Terminal server, you may see the following traffic: 

NBT NS: Query req. for DomainController <00> 192.0.0.1 172.21.4.128 IP

The WINS server may respond as follows: 

NBT NS: Query (Node Status) resp. for Domain Controller <00>, Requested name doesn't exist 192.0.0.1 172.21.4.67 IP

If WINS is not configured, the Terminal server sends out a broadcast for the domain controller.

REFERENCES

For additional information about WINS, visit the following Microsoft Web sites:

http://www.microsoft.com/resources/documentation/WindowsServ/2003/enterprise/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/enterprise/proddocs/en-us/sag_WINS_und_Servers.asp

http://www.microsoft.com/windows2000/en/server/help/default.asp?url=/windows2000/en/server/help/sag_WINS_und_BrowsingWithWins .htm

For additional information about how two computers communicate in a WINS environment, click the following article number to view the article in the Microsoft Knowledge Base:

139608 SMB traffic during Windows NT domain logon

185786 Recommended practices for WINS

Modification Type:MajorLast Reviewed:5/4/2004
Keywords:kbwinservnetwork kbnetwork kbprb KB840689 kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.