Article ID: 173882
Article Last Modified on 2/23/2007
APPLIES TO
- Microsoft Windows 2000 Service Pack 1
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows NT Workstation 3.51
- Microsoft Windows NT Workstation 4.0 Developer Edition
- Microsoft Windows NT Server 3.51
- Microsoft Windows NT Server 4.0 Standard Edition
This article was previously published under Q173882
SUMMARY
Netlogon creates many errors that are recorded in the event log, which eventually fills or wraps the log.
MORE INFORMATION
The Netlogon.chg file is located on all domain controllers, but is used only by the primary domain controller (PDC) to keep track of changes made to the security databases. All changes to the security databases are recorded in this log file, along with the serial number of the change. Each of the three security databases maintains a separate serial number, which is incremented once for each change. When a backup domain controller (BDC) requests a particular change from the PDC, the PDC checks the change log to determine which changes need to be sent.
Specific Events and Errors
The following events may be recorded on the BDC:
The following events may be reported on the PDC:
Trying to promote a BDC to a PDC may cause the following pop-up window message to stay on the screen indefinitely:
"Synchronizing <BDC> with its primary"
The following event log error may be generated:
These events can be caused when Windows NT fails to update the %SystemRoot%\Netlogon.chg file on the PDC. This may occur for any of the following reasons:
- The Read-Only attribute could be set.
- The netlogon.chg file could be corrupted.
- The permissions for the system account could be insufficient for that file; they should be at least RWXD.
Resolving the Problem
If the Netlogon.chg file has been corrupted, you may need to delete or rename the file. However, this file is always in use by the system.
To delete (reset) the Netlogon.chg file on a FAT partition, use the following steps:
- Start the system using MS-DOS, and then delete the %SystemRoot%\Netlogon.chg file.
- Restart using Windows NT. The file will be recreated at startup.
To delete (reset) the Netlogon.chg file on an NTFS partition, use the steps for Windows 2000 or for Windows NT 4, depending on the product that you have installed.
Windows 2000
- Open Windows Explorer, and then navigate to the %systemroot% folder.
- Right-click the Netlogon.chg file, and then click Properties.
- Click the Security tab.
- Click to clear the Allow inheritable permissions from parent to propagate to this object check box, and then click OK.
- In the Security dialog box, click Copy to copy the existing inheritable permissions to this object.
- Click the System account, click Deny - Full Control to change all of the permissions to Deny, and then click OK.
- Restart the computer. After you log on to the computer, delete the Netlogon.chg file.
- Restart the computer again. When you log on the computer, the Netlogon.chg file is rebuilt automatically.
Windows NT 4
- Open Windows Explorer, and then navigate to the %systemroot% folder.
- Right-click the Netlogon.chg file, and then click Properties.
- Click the Security tab.
- Click Add and add the account that you are currently logged in as with full control.
- Remove the rest of the users from the permission list, then click OK.
- Restart the computer. After you log on to the computer, delete the Netlogon.chg file.
- Restart the computer again. When you log on the computer, the Netlogon.chg file is rebuilt automatically.
Additional query words: continuous repeated alternate server user manager forever 340100c0 warning informational blue yellow 4 A win2000
Keywords: kbinfo kbnetwork KB173882