none
MSSOAP

    Question

  • We are running XP pro on a domain.  One computer cannot access a particular program.  meaning the program does start but when anyone tries to log on to the program it comes up with an error of "invalid user name or password."  However, several users including admins have tried also on this computer with the same error.  In the event viewer the errors on the dates this started are SOAP errors which state" unpecified client error" and and a few other errors that say "windows cannot obtain the domain controller for your computer network." Also there was another error that said "the automatic certification enrollment for local system failed to contact active directory.  Specified domain either does not exist or could not be contacted."   When this user logs on to this program from another computer she can access the program but the Soap errors occur but not the others.  What is the cause and solution for this?
    Saturday, December 03, 2011 9:28 PM

Answers

  • Hi,

    This problem may occur if the Autoenrollment feature cannot reach an Active Directory domain controller and this may be caused by a DNS name resolution or by network connectivity issue.

    Autoenrollment feature cannot reach an Active Directory domain controller
    http://support.microsoft.com/kb/310461

    http://technet.microsoft.com/en-us/library/cc755801(WS.10).aspx

    XP Users can't connect to Domain
    http://forums.whirlpool.net.au/archive/1704372

    Run "dcdiag /q", "Netdiag /q" (If 2003 DC) and "repadmin /replsum"  on DC for any errors.

    SOAP error check the last entry about the toolkit:
    http://www.eventid.net/display.asp?e...MSSOAP&phase=1

    http://www.microsoft.com/downloads/d...displaylang=en

    http://support.microsoft.com/kb/825075/en-us

    As per you comments it looks like the issue with particular workstations, check the network connectivity, NIC card driver and ensure the all workstations and servers are updated with latest update and patches also you may try disjoin and rejoin problem machine to domain.

    Also ensure the IP and DNS configuration on each DC and workstation: 

    Domain Controller

    • Each DC / DNS server points to its private IP address as primary DNS server and other internal/remote DNS servers as secondary DNS in TCP/IP property.
    • Each DC has just one IP address, if multiple NICs are present, disable unused NICs. Active NIC should be on top in NIC bind order.

     

    Workstations:

    • Each workstation/member server points to local DNS server IP address as primary DNS server and remote DNS servers IP as secondary DNS in TCP/IP property.

    Once you are done with above, open command prompt and run "ipconfig /flushdns & ipconfig /registerdns", restart NETLOGON service on each DC and workstation.

     

    Regards, 

     


    Abhijit Waikar - MCSA 2003|MCSA 2003:Messaging|MCTS|MCITP:SA
    Saturday, December 03, 2011 11:37 PM
  • Hello,

    I agree with Abhijit as this seems to be a DNS issue or network connectivity issue.

    Please proceed like that:

    • Choose a DC / DNS server and make each DC points to it as primary DNS server
    • Make each DC / DNS server points to its private IP address as secondary DNS server and 127.0.0.1 as third one
    • Make sure that each DC has one IP address and just one NIC card enabled

    Once done, run ipconfig /registerdns and restart netlogon on each DC you have. Like that, all DCs with update their DNS records on the chosen DC and this DC will holds the right copies of your domain DNS zones and replicate them to other DCs if they are AD-Integrated ones.

    To make sure that AD replication is made without issues, please run dcdiag on all DCs you have and check the output.

    For connectivity, please check it using ping requests on IP address.

    If this does not help, consider disabling all security softwares that you use and make sure that there is no firewall blocking traffic between the client computer and the DC.

    For the client computer, make it points to your internal DC / DNS servers as primary and secondary DNS servers.

     


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
    Microsoft Certified IT Professional: Enterprise Administrator
    Microsoft Certified IT Professional: Server Administrator
    Microsoft Certified Trainer

    Sunday, December 04, 2011 12:51 AM

All replies

  • Hi,

    This problem may occur if the Autoenrollment feature cannot reach an Active Directory domain controller and this may be caused by a DNS name resolution or by network connectivity issue.

    Autoenrollment feature cannot reach an Active Directory domain controller
    http://support.microsoft.com/kb/310461

    http://technet.microsoft.com/en-us/library/cc755801(WS.10).aspx

    XP Users can't connect to Domain
    http://forums.whirlpool.net.au/archive/1704372

    Run "dcdiag /q", "Netdiag /q" (If 2003 DC) and "repadmin /replsum"  on DC for any errors.

    SOAP error check the last entry about the toolkit:
    http://www.eventid.net/display.asp?e...MSSOAP&phase=1

    http://www.microsoft.com/downloads/d...displaylang=en

    http://support.microsoft.com/kb/825075/en-us

    As per you comments it looks like the issue with particular workstations, check the network connectivity, NIC card driver and ensure the all workstations and servers are updated with latest update and patches also you may try disjoin and rejoin problem machine to domain.

    Also ensure the IP and DNS configuration on each DC and workstation: 

    Domain Controller

    • Each DC / DNS server points to its private IP address as primary DNS server and other internal/remote DNS servers as secondary DNS in TCP/IP property.
    • Each DC has just one IP address, if multiple NICs are present, disable unused NICs. Active NIC should be on top in NIC bind order.

     

    Workstations:

    • Each workstation/member server points to local DNS server IP address as primary DNS server and remote DNS servers IP as secondary DNS in TCP/IP property.

    Once you are done with above, open command prompt and run "ipconfig /flushdns & ipconfig /registerdns", restart NETLOGON service on each DC and workstation.

     

    Regards, 

     


    Abhijit Waikar - MCSA 2003|MCSA 2003:Messaging|MCTS|MCITP:SA
    Saturday, December 03, 2011 11:37 PM
  • Hello,

    I agree with Abhijit as this seems to be a DNS issue or network connectivity issue.

    Please proceed like that:

    • Choose a DC / DNS server and make each DC points to it as primary DNS server
    • Make each DC / DNS server points to its private IP address as secondary DNS server and 127.0.0.1 as third one
    • Make sure that each DC has one IP address and just one NIC card enabled

    Once done, run ipconfig /registerdns and restart netlogon on each DC you have. Like that, all DCs with update their DNS records on the chosen DC and this DC will holds the right copies of your domain DNS zones and replicate them to other DCs if they are AD-Integrated ones.

    To make sure that AD replication is made without issues, please run dcdiag on all DCs you have and check the output.

    For connectivity, please check it using ping requests on IP address.

    If this does not help, consider disabling all security softwares that you use and make sure that there is no firewall blocking traffic between the client computer and the DC.

    For the client computer, make it points to your internal DC / DNS servers as primary and secondary DNS servers.

     


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
    Microsoft Certified IT Professional: Enterprise Administrator
    Microsoft Certified IT Professional: Server Administrator
    Microsoft Certified Trainer

    Sunday, December 04, 2011 12:51 AM
  • Hi,

     

    How is everything going? Could you please tell us the present situation? If you need any further assistance, please do not hesitate to respond back.

     

    Thanks!


    Please remember to click “Mark as Answer” on the post that

    Elytis Cheng

    TechNet Community Support

    Wednesday, December 07, 2011 1:39 AM
    Moderator