Ethernet Products
Determine ramifications of Intel® Ethernet products and technologies
4811 Discussions

82657LM-3 - Windows 7 x64 NETLOGON, DNS, DFS Issues

idata
Employee
4,359 Views

Hi,

We have 2x HP DC7900 SFF systems, both have the integrated Intel 82657LM-3 NIC.

Both systems have Windows 7 x64 installed. Both are experiencing networking issues.

Windows 7 is having some sort of DNS resolution issue and it seems to only happen when installed on the DC7900 (SFF) which just so happens to be using the Intel 82567LM-3 NIC (this NIK appears to be known as a probelmatic card). I'm not 100% convinced it's the physical side of the NIC just yet as the symptom can be resolved using a feature of Windows, but what that feature does remains a mystery.

The first symptoms are: when logging onto Windows (authenticated by Windows 2003 AD which is running DNS and DHCP) the roaming profile is not applied, redirected folders error out and the login script doesn't get executed.

After a cached login is completed, 2 pop-ups from the Action Center appear alerting the Roaming Profile could not be applied and no Netlogon servers available.

As part of my troubleshooting, I have observed the NIC takes an long time to obtain an IP address from DHCP when released/renewed and Windows seems to 'identify' the network every so often.

When the problem is occuring I'm unable to browse the dfs using\\LAB-DOMAIN\DFSRoot, although using \\LAB-DOMAIN.fqdn\DFSRoot will work.

Because everything in the organisation is tied back to \\LAB-DOMAIN\DFSRoot, changing this would be a large job and realistically it would only be masking an underlying problem.

The only way I can get the machine to recognise and use \\LAB-DOMAIN\DFSRoot is to use the Windows 7 "Troubleshooting Assistant" which pops-up when attempting to map a drive using the DFS path when Windows can't for some reason resolve it. Once the Troubleshooting Assistant completes its thing, everything appears to work fine until the machine is rebooted. Then you have to go through the manual steps to get it working again.

The most interesting part about the DFS resolution issue is ocassionally one share will resolve and it just so happens to be the last share added to the DFS root.

 

So far I've tried all sorts of things to resolve this problem including:

* Reinstalled Windows 7 numerous times

 

* Installed 3 differenet versions of the NIC driver from Intel, HP and DELL - currently using the native Windows 7 driver v10.5.1.0

 

* Upgraded BIOS firmware to latest

 

* Enabled Port Fast on the switch

 

* Turned off Power Saving on the NIC

 

* Hard set the NIC speed from Auto to 100 Full

 

* Trialled the ExpectedDialUpDelay registry key - see denied:javascript:openExternal('http://support.microsoft.com/default.aspx/kb/938449') http://support.microsoft.com/default.aspx/kb/938449

 

None of the above produced any result.

 

Event errors observed include:

This computer was not able to set up a secure session with a domain controller in domain LAB-DOMAIN due to the following:

There are currently no logon servers available to service the logon request.

This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.

ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

 

-----------------------------------------------------------------------------------------

The Group Policy Client Side Extension Folder Redirection was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.

 

-----------------------------------------------------------------------------------------

The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

 

-----------------------------------------------------------------------------------------

The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID

{24FF4FDC-1D9F-4195-8C79-0DA39248FF48}

and APPID

{B292921D-AF50-400C-9B75-0C57A7F29BA1}

to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

>> I've looked this up, the ID is for the NAP and I can't change the security in dcomcnfg as it's all greyed out.

 

-----------------------------------------------------------------------------------------

There are currently no logon servers available to service the logon request.

This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.

ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

 

-----------------------------------------------------------------------------------------

The name "LAB-DOMAIN :1d" could not be registered on the interface with IP address 192.168.2.112. The computer with the IP address 192.168.2.10 did not allow the name to be claimed by this computer.

 

-----------------------------------------------------------------------------------------

Name resolution for the name WIN7X64.LAB-DOMAIN.local timed out after none of the configured DNS servers responded.

 

-----------------------------------------------------------------------------------------

 

NONE of the other systems on the LAB-DOMAIN are experiencing this problem so I'm confident this isn't an actual DNS/DHCP or DFS issue. There is 2 Windows XP machines and another Windows 7 machine - though both are on different hardware (DC7600 with Broadcom NIC and an Asus Laptop). All of the other computers are working fine on the network except for the 2 DC7900s with the Intel NIC.

 

HP has already sent someone out and the Motherboard has been replaced - but unfortunately with the same model Intel NIC and the problem remains. I was hoping HP would replace the motherboard with the version that has the integrated Broadcom NIC but that wasn't to be.

 

Does anyone have any ideas on what can I do to get this resolved?

We had a case open with HP but they closed it after replacing the motherboard (unfortuantely it came with the same model NIC, so the problem remains).

thanks,

 

Ben

 

denied:javascript:openExternal('http://www.2way.net.au') http://www.2way.net.au
0 Kudos
8 Replies
idata
Employee
1,596 Views

A quick update on this issue.

BIOS version currently being used in our 2 machines is:

Machine a) 786G1 v01.16

Machine b) 786G1 v01.22

Versions of the Network Driver trialled:

10.5.1.0

11.0.41.0 (Intel Download v14.5)

11.2.19.0 (Intel Download v14.7)

11.2.19.250 (HP Download SP45456)

11.5.4.0 (Dell Download R252705)

11.5.10.0 (HP Download SP47128)

11.5.10.0 (Intel Download v14.8.3)

As a test, I installed a PCI Intel Pro/100+ Management Adapter using Driver v8.0.47.1 PNP ID: PCI\VEN_8086&DEV_1229&SUBSYS_000C8086&REV_08

With the above PCI NIC installed, all of the Network related errors and issues stopped and with this NIC installed logon times are dramatically improved.

I then pulled the PCI Pro/100+ NIC out and went back to the integrated 82657LM-3 NIC and the networking issues returned.

I then set a static IP address to the TCP/IP config associated with the integrated 82567LM-3 NIC - the network related issues appear to be resolved.

I then went back to DHCP and the problem returned.

Also, with the "Troubleshooting Assistant", I have now discovered this wasn't doing anything at all, time was the factor in this.

After the machine has rebooted, if a user account logs onto the machine, the network related issues are immedietely apparent, i.e. logon script doesn't execute, Group Policy redirected folders fail as well as the users 'Home Drive' doesn't get mapped (AD assigned Home Drive) the Roaming Profile doesn't get applied. At this stage, browsing the DFS via file://\\LAB-DOMAIN\DFSRoot \\LAB-DOMAIN\DFSRoot also fails to resolve the shares.

However, I discovered if I wait a few moments, the Windows Explorer window will show the DFS shares. I have noticed some delayed services are also starting up in the background - here is the sequence of events:

Machine starting up - last System Event log entry:

 

27/01/2010 1:41:30 PM - The Windows Connect Now - Config Registrar service entered the running state.

By this stage the user is logged on with the Desktop showing, no DFS shares visible via Windows Explorer showing file://\\LAB-DOMAIN\DFSRoot \\LAB-DOMAIN\DFSRoot

Wait a few moments... The following services start:

 

27/01/2010 1:42:06 PM - The Software Protection service entered the running state.

 

27/01/2010 1:42:07 PM - The Security Center service entered the running state.

 

27/01/2010 1:42:08 PM - The Windows Update service entered the running state.

 

DFS Shares are now appearing in the Windows Explorer window...

Not sure how relevant this information is, the 2x DC7900s connect to a Cisco 2950 switch (100MB ports). This switch then connects to another 2950 switch using one of the GB ports. The second 2950 switch is then patched directly to the Windows 2003 Server acting as the Domain Controller with DNS, DFS and DHCP installed.

idata
Employee
1,596 Views

If you're despirate and just need the darn thing to work right now: I dropped a batch file w/ a continuous ping to another network server into my startup folder. It's an incredibly stupid kludge that appears to be preventing "NIC Narcolepsy" at the moment. Crossing fingers that new drivers will be out soon....

0 Kudos
idata
Employee
1,596 Views

My main issue at the moment is when the computer starts it's not authenticating to the domain. NETLOGON is erroring out, Group Policies aren't applying and the user sees a balloon pop-up upon login showing there was errors. I don't know that a ping command to initiate network traffic can be implemented during machine startup at such an early stage.

0 Kudos
idata
Employee
1,596 Views

I have been working on this issue with HP for about a week now, we have made some progress.

Here is a snap-shot of what has been going on.

Firstly, HP asked me to download and install a specific version of the Network driver from the link below sp47116.exe (260 MB)

http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=au&prodTypeId=12454&prodSeriesId=3785403&prodNameId=3785038&swEnvOID=4053&swLang=13&mode=2&taskId=135&swItem=vc-79267-1

At the same time, disable the IPV6 from the Network Properties

Right Click on the Local Area Connection->Networking Tab->Remove the tick from check box for Internet Protocol version 6(TCP/IPv6)->Click Ok

At this point some of the issues appear to have been resolved. The login script is now executing during the user logon, user-based group policies appear to be applying including redirected folders and the roaming profile appears to be applying correctly. So the user level authentication and networking services appear to be working as expected.

 

The issue of the NETLOGON error during machine start-up was still remaining. This appears to be interfering with the machine establishing authentication with the domain and/or domain controller during start-up.

 

The event ID is: 5719 - NETLOGON

This computer was not able to set up a secure session with a domain controller in domain LAB-DOMAIN due to the following:

 

There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.

ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

After I installed the new driver and disabling of IPV6, this appears to have produced 3 new issues, interestingly each of them appear to be machine based.

1. Following a successful logon, there is a balloon prompt appearing from the Network Icon in the task bar area stating "Additional logon information may be required". If you click on the balloon it opens up Internet Explorer's home page which just so happens to be our Intranet page.

2. The Network icon is now permanently showing as "No Internet Access". This yellow exclamation mark never seems to go away even though Internet Access is definately available to this machine.

3. Computer based Group Policies are throwing an error as follows:

The event ID is: 1129 - Group Policy

The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

I reported this information back to HP who returned with three more suggestions:

Suggestion 1.

http://support.microsoft.com/default.aspx?scid=kb;EN-US;202840 http://support.microsoft.com/default.aspx?scid=kb;EN-US;202840 -

This article suggests to implement a registry key that delays the NETLOGON service from authenticating to the domain.

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters - ExpectedDialupDelay

 

After reviewing the article, I attempted to implement the ExpectedDialupDelay key using various values that represent the number of seconds NETLOGON should wait. I tried 5, 10 and 15 decimal values (to represent delays of 5, 10 and 15 seconds). None of these have had any effect. I'm not sure how many seconds would be deemed acceptible as my interpretation is this could only make the problem worse - because the machines boot so quickly as it is. My interpretation is, if the machine is booted and is already to accept user Login, if the NETLOGON service still hasn't authenticated to the domain because it's wiating x number of seconds, surely this will only compound the problem. If anything, I need NETLOGON to authenticate during machine startup, not after it's aleady started up and waiting for a user to logon.

Suggestion 2.

http://support.microsoft.com/kb/168455/ http://support.microsoft.com/kb/168455/

This article suggests to disable the Spanning Tree algorithm feature on the network switch as well as Port Trunking or Port Aggregation. After disabling Spanning Tree, the network icon on the bottom-right of the screen now permanently shows 'Internet Access'. The switches already had Port Trunking and Port Aggregation disabled (well, not enabled anyhow).

Whilst the problems with the user logon (group policy, login scripts, redirected folders etc) were mainly resolved when disabling IPV6, there was still the ocassional login which presented the issues. The removal of Spanning Tree Protocol has further improved these.

Whilst I was logged onto the switches (2x Cisco 2950-T connected via 1GB Uplink ports) I noticed a mismatch between the uplink settings on the 1GB ports connecting the two switches. I ensured these were both set identically but there were no additional improvements from doing this.

Suggestion 3.

http://support.microsoft.com/kb/310339 http://support.microsoft.com/kb/310339

This article seems to be more aimed at addressing issues on the Domain Controller, if the Domain Controller is exhibiting the NETLOGON errors so I haven't implemented this one as the Domain Controller is showing no signs of NETLOGON issues, it's only happening on the Windows 7 clients with these 82657LM-3 NICs. I have asked HP if they intended for us to implement this on the client instead.

The registry key change described is: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters - MaxDgramBuffering

So I guess I'm now down to just needing to resolve the NETLOGON issue. If I can get that sorted, I'll be happy.

Regards,

 

Ben
0 Kudos
idata
Employee
1,596 Views

I've been going through the System Event Log on one of the Windows 7 machine with the NETLOGON problems.

I have noticed some strange and somewhat interesting behaviour occuring in the System events.

To make analysis of the System event log easier, I cleared the log and rebooted.

In there you can see the NETLOGON error, interestingly, the NETLOGON error occurs at 1:47:00 PM but the NETLOGON error appears in the System Event Log inbetween events being recorded at 1:46:58 PM and 1:46:59 PM. It's like the NETLOGON error is recorded to the event log out of sync or out of time, something strange it gonig on.

As a demonstration, the following events are recorded in the following sequence:

1:46:59 - The Plug and Play service entered the running state.

 

1:46:59 - One or more of the Plug and Play service's subsystems has changed state.

 

1:47:00 - NETLOGON ERROR 1:46:59 - The Power service entered the running state.

 

1:46:59 - Intel(R) 82567LM-3 Gigabit Network Connection Network link has been established at 100Mbps full duplex.

 

1:46:59 - The DCOM Server Process Launcher entered the running state

 

1:46:59 - The RPC Endpoint Mapper service entered the running state.

 

1:46:59 - The Remote Procedure Call (RPC) service entered the running state.

 

1:46:59 - The Windows Event Log service entered the running state.

 

1:46:59 - The Multimedia Class Scheduler service entered the running state.

 

1:46:59 - The Windows Audio Endpoint Builder service entered the running state.

 

1:46:59 - The Windows Audio service entered the running state.

 

1:46:59 - The Themes service entered the running state.

 

1:46:59 - The Group Policy Client service entered the running state.

 

1:46:59 - The User Profile Service service entered the running state.

 

1:46:59 - The Offline Files service entered the running state.

 

1:46:59 - The COM+ Event System service entered the running state.

 

1:46:59 - The System Event Notification Service service entered the running state.

 

1:46:59 - The Desktop Window Manager Session Manager service entered the running state.

 

1:46:59 - The Security Accounts Manager service entered the running state.

 

1:46:59 - The Network Store Interface Service service entered the running state.

 

1:46:59 - The TCP/IP NetBIOS Helper service entered the running state.

 

1:46:59 - DHCPv4 client service is started

 

1:46:59 - DHCPv6 client service is started

 

1:46:59 - The DHCP Client service entered the running state.

 

1:46:59 - The DNS Client service entered the running state.

 

1:46:59 - The Shell Hardware Detection service entered the running state.

 

1:46:59 - The Task Scheduler service entered the running state.

 

1:46:59 - The Print Spooler service entered the running state.

 

1:47:00 - The Base Filtering Engine service entered the running state.

 

1:47:00 - The Windows Firewall service entered the running state.

 

1:47:00 - The Workstation service entered the running state.

 

1:47:00 - The Netlogon service entered the running state.

 

1:47:00 - The Cryptographic Services service entered the running state.

 

1:47:00 - The Diagnostic Policy Service service entered the running state.

 

1:47:00 - The Program Compatibility Assistant service started successfully.

 

1:47:00 - The Program Compatibility Assistant Service service entered the running state.

 

1:47:00 - The Remote Registry service entered the running state.

 

1:47:00 - The IKE and AuthIP IPsec Keying Modules service entered the running state.

 

1:47:00 - The Superfetch service entered the running state.

 

1:47:00 - The Distributed Link Tracking Client service entered the running state.

 

1:47:00 - The Network Location Awareness service entered the running state.

 

Notice there is an entry for the NETLOGON error but it seems to be in the middle of events being recorded at a differnet time.

Also, I am now noticing this in the System Event log:

 

Event ID: 27 - e1kexpress - Intel(R) 82567LM-3 Gigabit Network Connection Network link has been disconnected.

 

Event ID: 7042 - The TCP/IP NetBIOS Helper service was successfully sent a stop control. The reason specified was: 0x40030011 [Operating System: Network Connectivity (Planned)] Comment: None

 

Event ID: 7036 - The TCP/IP NetBIOS Helper service entered the stopped state.

 

Event ID: 35 - Intel(R) 82567LM-3 Gigabit Network Connection Network link has been established at 10Mbps full duplex.

Then a short time later:

Event ID: 27 - e1kexpress - Intel(R) 82567LM-3 Gigabit Network Connection Network link has been disconnected.

 

Event ID: 7042 - The TCP/IP NetBIOS Helper service was successfully sent a stop control. The reason specified was: 0x40030011 [Operating System: Network Connectivity (Planned)] Comment: None

 

Event ID: 7036 - The TCP/IP NetBIOS Helper service entered the stopped state.

 

Event ID: 35 - Intel(R) 82567LM-3 Gigabit Network Connection Network link has been established at 100Mbps full duplex.

Also, I've trialled 2 more PCI and PCI-Express Network Cards in the DC7900.

I have installed an Intel Gigabit CT Desktop Adapter and then an Intel PRO/1000 PT Server Adapter. Both of these NICs are 10/100/1000 capable.

With these two NICs installed, the problems remained. When I installed the Pro 100 Management Adapter (note, this NIC is not 1GB, only 100MB), the problems did not exist.

Could this indicate issues with the Driver/NIC/Windows detecting the network link speed?

The fact that the event log is now showing the NIC is disconnecting and reconnecting at speeds of 10MB and 100MB, is this a sign the NIC is constantly trying to re-negotiate the speed?

Regards,

Ben

0 Kudos
idata
Employee
1,596 Views

hello, we have same issue on HP 6000 PRO win 7 32bit professional and 82657 LM3 controller.

 

looks like the problem is something driver-related. we have used all the possible supported driver but still get the problem.

 

we resolve only using static IP or installing another PCI network card.

 

updated bios, chipset drivers, windows update but nothing. even set the lan speed to 100mb doesn't help with this.

 

we are close to deploy hp 300 desktop with this, and waiting up to see how to fix.

 

hp notebooks with win 7 32bit, dhcp and common config don't have this problem.

anyone knows if is it possible to have a beta-kind driver from HP / intel to fix it ?

 

thanks
0 Kudos
idata
Employee
1,596 Views

Any updates on this? I'm still seeing this issue with some of my clients.

0 Kudos
idata
Employee
1,596 Views

I am not seeing DNS or DFS issues, but a large number of our new Win7 x64 Dell 980s with the 82578DM NIC are randomly losing their IP address and not being able to get a new one. Strangely enough most of the time the techs remove the PC from the domain and then re join it. Can't explain it.

The driver versions were from DELL dated 12-2010. I just put ver 11.13.51.0 dated 7/20/2011 on a couple and they have not had a problem for about a week now. Others still having issues.

FYI, this is a relatively unchanged network with a history of reliable networking Win2k8 R2 DC's running DHCP, DNS etc. There are about 10-15 other different models of PC's and laptops in the same network hardware/subnet DHCP scope etc. that are NOT having this problem at all.

0 Kudos
Reply