Question : Repeated browser event ID 8021 and 8032 then server loses connection to domain with netlogon event 5719
I am having a very strange problem on our network and would greatly appreciate any help.
I have numerous servers that have all simultaneously lost their connection to the domain. A reboot seems to fix the problem, but I want to figure out what the underlying issue is. All the servers in question have repeated browser events 8021 and 8032, which lead up to the catastrophic netlogon event 5719; after this the server cannot authenticate anyone and needs to be rebooted. See events below:
First:
Event Type: Warning
Event Source: BROWSER
Event Category: None
Event ID: 8021
Date: 11/13/2007
Time: 3:46:26 PM
User: N/A
Computer: SFS03
Description: The browser service was unable to retrieve a list of servers from the browser master \\SFDC02 on the network \Device\NetBT_Tcpip_{E1BF078F-7EFF-4FB7-85BB-6E8CAE8C67A2}.
Browser master: \\SFDC02
Network: \Device\NetBT_Tcpip_{E1BF078F-7EFF-4FB7-85BB-6E8CAE8C67A2}
This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Second:
Event Type: Error
Event Source: BROWSER
Event Category: None
Event ID: 8032
Date: 11/13/2007
Time: 3:16:27 PM
User: N/A
Computer: SFS03
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{E1BF078F-7EFF-4FB7-85BB-6E8CAE8C67A2}. The backup browser is stopping.

Third:
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5719
Date: 11/13/2007
Time: 3:11:36 PM
User: N/A
Computer: SFS03
Description: This computer was not able to set up a secure session with a domain controller in domain CALSB due to the following: Not enough storage is available to process this command. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.
ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

I have run netdiag and dcdiag and combed through the event logs on our DCs and came up with nothing. I have checked DNS and found several other threads with the exact same problem, but these have either been unanswered or related to something else.
Answer : Repeated browser event ID 8021 and 8032 then server loses connection to domain with netlogon event 5719
First off, I would really like to separate the two errors. I am not certain the Netlogon problem and Master Browser problems are related. So, you may have two separate problems. To answer your above questions, I think it best to handle the two problems separately.
Error 5719: (Netlogon Problems)
When you say you have problems authenticating, what do you mean? What types of connections are you trying to run when trying to access files or services? Are you trying to go through My Network Places to connect to a specific computer? If you are trying to connect through My Network Places, I can definitely see the correlation. If not, then you may have an additional problem. If you ask me, your netlogon service will interfere with domain authentication more so than any problems with the Master Browser!!! I think the fix for error 5719 I provided is the link to help you fix the Netlogon error.
http://www25.brinkster.com/ChicagoTech/wineventid.htm
Errors 8021 and 8032: (Master Browser Problems)
The way the Browser service works (in the default browser configuration) is that the clients will transmit a NetBIOS broadcast to show all available Master Browsers, "I AM HERE". If a Master Browser does not reply, meaning it is not found, then an election can be forced by that client. The client can elect anything from another client to a mass storage device for a Master Browser. Sometimes you can get a couple of master browsers on a single domain. Then you will see workgroup computers disappear from time to time.
The default configuration requires that you are all able to communicate on ports 137 and 138. So, any IP port blockage can interfere with the Master Browser service. Since these NetBIOS broadcasts are transmitted on UDP ports 137 and 138, the client can be transmitting into some sort of port blocking. That could include a VPN tunnel, NAT translation, Software/Hardware Firewall, Different Subnet, Different IP space for Multi-homed domains, or some other sort of port blocking problem.
There are three potential fixes to the above blocks of the Master browser service. One is to stop the blockage by lowering your guard (meaning lower the port blockage like a firewall block). This will create vulnerabilities in your network and is not recommended.
The second is to use WINS instead of these NetBIOS Broadcasts to help your master browser see a list of computers. Since your clients and servers cannot find a Master Browser or a Backup Browser, it looks like you have a blockage. I recommend you use the WINS configuration to help the Master Browser populate the list of computers in My Network Places. I recommend this method and the link below will show you how to use WINS and the WAN configuration to work with the Master Browser Service.
The third is to use the Server Service and enable File and Print Sharing on all IP stacks. Most will say that File and Print sharing is a Vulnerability to the network and recommend you turn that off. I am one of those people.
This link is the best link I have found to explain the Master Browser Service. It is a little lengthy, but definitely worth the read.
http://www.microsoft.com/resources/documentation/windowsnt/4/server/reskit/en-us/net/chptr3.mspx?mfr=true
I think you will want to use the WAN configuration using WINS instead of the NetBIOS broadcasts from the client. Also you may want to distinguish the differences between the Domain Master Browser, Master Browser, and Backup Browser.
I hope this helps.
John
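
Whether the browser errors and the Netlogon failure are one problem or two depends on their order on each server. The following is an added example, not part of the original question or answer: it parses the flattened event text format pasted in the question and lists, for each NETLOGON 5719, the BROWSER 8021/8032 events logged on the same computer beforehand. The function names and the one-hour window are assumptions.

```python
import re
from datetime import datetime, timedelta

# Header fields of the three events quoted in the question, in the flattened
# one-line form they were pasted in; descriptions are shortened.
SAMPLE = """\
Event Type: Warning Event Source: BROWSER Event Category: None Event ID: 8021 Date: 11/13/2007 Time: 3:46:26 PM User: N/A Computer: SFS03 Description: unable to retrieve a list of servers
Event Type: Error Event Source: BROWSER Event Category: None Event ID: 8032 Date: 11/13/2007 Time: 3:16:27 PM User: N/A Computer: SFS03 Description: backup browser is stopping
Event Type: Error Event Source: NETLOGON Event Category: None Event ID: 5719 Date: 11/13/2007 Time: 3:11:36 PM User: N/A Computer: SFS03 Description: not able to set up a secure session
"""

EVENT_RE = re.compile(
    r"Event Type: (?P<type>\w+) Event Source: (?P<source>\w+) .*?"
    r"Event ID: (?P<id>\d+) Date: (?P<date>\S+) Time: (?P<time>\S+ [AP]M) "
    r".*?Computer: (?P<computer>\S+)"
)

def parse_events(text):
    """Return the events found in text as dicts, oldest first."""
    events = []
    for m in EVENT_RE.finditer(text):
        when = datetime.strptime(f"{m['date']} {m['time']}", "%m/%d/%Y %I:%M:%S %p")
        events.append({"when": when, "source": m["source"],
                       "id": int(m["id"]), "computer": m["computer"]})
    return sorted(events, key=lambda e: e["when"])

def browser_before_netlogon(events, window=timedelta(hours=1)):
    """For each NETLOGON 5719, list the BROWSER 8021/8032 IDs logged on the
    same computer during the preceding window (the window is an assumption)."""
    findings = []
    for e in events:
        if (e["source"], e["id"]) != ("NETLOGON", 5719):
            continue
        prior = [p["id"] for p in events
                 if p["computer"] == e["computer"]
                 and p["source"] == "BROWSER" and p["id"] in (8021, 8032)
                 and timedelta(0) <= e["when"] - p["when"] <= window]
        findings.append((e["computer"], e["when"], prior))
    return findings

if __name__ == "__main__":
    for host, when, prior in browser_before_netlogon(parse_events(SAMPLE)):
        print(f"{host} {when:%Y-%m-%d %H:%M:%S} 5719, browser events before it: {prior or 'none'}")
```

On the three records quoted in the question the 5719 carries the earliest timestamp, so the check is only meaningful when run over a full System log export from an affected server.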