Microsoft KB Archive/325641

= Cannot Connect in the Active Directory Users and Computers Tool =

Article ID: 325641

Article Last Modified on 2/20/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition

-



This article was previously published under Q325641



SYMPTOMS
If a client that is located behind a domain controller that has only one network adapter uses Active Directory tools such as Active Directory Users and Computers and tries to connect to some multihomed domain controllers, the client may try to connect to both IP addresses for that domain controller. If the connection to one of the IP address does not work, the overall connection attempt does not succeed and the client receives the following error message:

Unable to connect to the domain controller because the server is not operational

The following sample scenario demonstrates this problem:

A client in Des Moines tries to connect to a multihomed domain controller in Honolulu that has 130. and 140. IP address. Although the Des Moines client is on the 140. segment, the client tries to synchronize with both IP addresses. The client connects correctly to the 140. address but receives a &quot;Host unreachable&quot; response from the 130. attempts because this is not a routable IP address for internal use. The client continually retries to connect to the 130. IP address. Eventually, the connection attempt does not succeed, and the client disconnects from the 140. address also. This causes the error message to occur.



CAUSE
The Lightweight Directory Access Protocol (LDAP) client retrieves all of the IP addresses for the server from DNS. If there is more than one IP address, the client queries all of them. If one of the connections times out early during the connection, the whole connection attempt does not succeed. There is no additional attempt to retry the other IP address connections.



Service Pack Information
To resolve this problem, obtain the latest service pack for Microsoft Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack

Hotfix Information
A supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that are experiencing this specific problem. This fix may receive additional testing. Therefore, if you are not severely affected by this problem, Microsoft recommends that you wait for the next Windows 2000 service pack that contains this hotfix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

NOTE: In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The typical support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.   Date         Time   Version         Size       File name ---  26-Jul-2002  14:27  5.00.2195.5781    123,664  Adsldp.dll 26-Jul-2002 14:27  5.00.2195.5781    131,344  Adsldpc.dll 26-Jul-2002 14:27  5.00.2195.5781     62,736  Adsmsext.dll 26-Jul-2002 14:27  5.00.2195.5940    358,160  Advapi32.dll 26-Jul-2002 14:27  5.00.2195.5265     42,256  Basesrv.dll 26-Jul-2002 14:27  5.00.2195.5855     49,424  Browser.dll 26-Jul-2002 14:27  5.00.2195.5943    135,952  Dnsapi.dll 26-Jul-2002 14:27  5.00.2195.5595     96,016  Dnsrslvr.dll 26-Jul-2002 14:27  5.00.2195.5722     45,328  Eventlog.dll 26-Jul-2002 14:27  5.00.2195.5907    222,992  Gdi32.dll 26-Jul-2002 14:27  5.00.2195.5859    145,680  Kdcsvc.dll 04-Jun-2002 14:31  5.00.2195.5859    199,952  Kerberos.dll

26-Jul-2002 14:27  5.00.2195.4928    708,880  Kernel32.dll 15-Jul-2002 08:52  5.00.2195.5940     71,024  Ksecdd.sys 22-Jul-2002 16:54  5.00.2195.5960    507,152  Lsasrv.dll 22-Jul-2002 16:54  5.00.2195.5960     33,552  Lsass.exe 26-Jul-2002 14:27  5.00.2195.4733    332,560  Msgina.dll 23-Jul-2002 14:27  5.00.2195.5966    108,304  Msv1_0.dll 26-Jul-2002 14:27  5.00.2195.5979    307,472  Netapi32.dll 26-Jul-2002 14:27  5.00.2195.5966    360,720  Netlogon.dll 26-Jul-2002 14:27  5.00.2195.5979    916,752  Ntdsa.dll 26-Jul-2002 14:27  5.00.2195.5966    387,344  Samsrv.dll 26-Jul-2002 14:27  5.00.2195.5951    129,296  Scecli.dll 26-Jul-2002 14:27  5.00.2195.5951    302,864  Scesrv.dll 25-Jun-2001 19:17  3.10               47,808  User.exe 26-Jul-2002 14:27  5.00.2195.5931    379,664  User32.dll 26-Jul-2002 14:27  5.00.2195.5968    369,936  Userenv.dll 26-Jul-2002 14:27  5.00.2195.5859     48,912  W32time.dll 04-Jun-2002 14:32  5.00.2195.5859     57,104  W32tm.exe 17-Jul-2002 11:45  5.00.2195.5948  1,642,416  Win32k.sys 03-May-2002 11:31  5.00.2195.5731    178,960  Winlogon.exe 26-Jul-2002 14:27  5.00.2195.5935    243,472  Winsrv.dll 26-Jul-2002 14:27  5.00.2195.5944    125,712  Wldap32.dll 26-Jul-2002 14:27  5.00.2195.5774     72,976  Wmicore.dll 22-Jul-2002 16:54  5.00.2195.5960    507,664  Lsasrv.dll 26-Jul-2002 14:27  5.00.2195.4928    708,880  Kernel32.dll 26-Jul-2002 14:27  5.00.2195.5948  1,642,416  Win32k.sys 26-Jul-2002 14:27  5.00.2195.5935    243,472  Winsrv.dll



WORKAROUND
Remove the host record for the addresses that are not routable for the multihomed domain controller from DNS.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Microsoft Windows 2000 Service Pack 4.



MORE INFORMATION
For additional information about how to obtain a hotfix for Windows 2000 Datacenter Server, click the article number below to view the article in the Microsoft Knowledge Base:

265173 The Datacenter Program and Windows 2000 Datacenter Server Product

For additional information about how to install multiple hotfixes with only one reboot, click the article number below to view the article in the Microsoft Knowledge Base:

296861 Use QChain.exe to Install Multiple Hotfixes with One Reboot

Keywords: kbhotfixserver kbqfe kbwin2ksp4fix kbdirservices kbbug kbfix kbqfe kbwin2000presp4fix KB325641

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.