Event ID 32777 — Lookup Procedures
Applies To: Windows Server 2008
The Local Security Authority (LSA) policy provides a software interface for other software components when they query mappings between account names and security identifiers (SIDs) within the local domain and in trusted domains.
Event Details
Product: | Windows Operating System |
ID: | 32777 |
Source: | LsaSrv |
Version: | 6.0 |
Symbolic Name: | LSAEVENT_LOOKUP_TCPIP_NOT_INSTALLED |
Message: | The LSA was unable to register its RPC interface over the TCP/IP interface. Please make sure that the protocol is properly installed. |
Resolve
Install TCP/IP components
TCP/IP is not installed on the domain controller. Install TCP/IP on the domain controller so that remote lookup requests can succeed. Because TCP/IP is installed by default and cannot be removed without modifying the registry or running command-line tools, there is a good chance that there is something wrong with the default configuration of your computer or its hardware. If you know that TCP/IP was removed intentionally, determine if this is the appropriate computer on which to run a domain controller. If you want to run a domain controller on this computer, you must install TCP/IP. Perform the following procedure using a computer that is a member of the domain.
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority. Perform all steps using a computer that is a member of the domain.
To install TCP/IP:
- Open Network Connections. To open Network Connections, click Start. In Start Search, type ncpa.cpl, and then press ENTER. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
- Right-click the network connection object that represents the network card that is used to communicate with other domains, and then click Properties. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
- Click Install.
- Click Protocol, and then click Add.
- You should see Internet Protocol Version 4 (TCP/IPv4) as well as Internet Protocol Version 6 (TCP/IPv6). Select the appropriate protocol for your network. You may add them both; add them one at a time by repeating this procedure. Click OK.
- Statically configure the IP settings for your domain controller. To do this, you must know an available IP address, default gateway address, and preferred and alternate Domain Name System (DNS) server addresses. An alternate DNS server is not required. If you are entering an IPv4 address, you must also know a subnet mask. If you are entering an IPv6 address, you must know the subnet prefix length. Click the appropriate protocol, IPv4 or IPv6, and then click Properties.
- Enter the requested information, and then click OK.
If you are using both IPv4 and IPv6, you should configure static IP addresses for each.
For information about configuring and troubleshooting TCP/IP, see Chapter 16 - Troubleshooting TCP/IP (https://go.microsoft.com/fwlink/?LinkId=109262) and Windows Server 2003 TCP/IP Troubleshooting (https://go.microsoft.com/fwlink/?LinkId=109264).
Verify
To verify that security identifier (SID) and name lookup operations are functioning properly, you must have a utility that can translate account names to SIDs. PsTools from Microsoft includes the PsGetSid utility, which translates account names to SIDs and SIDs to account names. Perform the following procedures using a computer that is a member of the domain.
To perform these procedures, you must have membership in Domain Admins, or you must have been delegated the appropriate authority.
Obtain and extract PsTools
To obtain and extract PsTools:
- Download PsTools (https://go.microsoft.com/fwlink/?LinkId=87333).
- Extract PsTools.zip from your download folder to a new folder named PsTools. For example, to extract PsTools.zip to a PsTools folder on the C: drive, right-click the PsTools.zip file, and then click Extract All. In the Extraction Wizard, click Next. In Files will be extracted to this directory, type C:\PsTools, and then click Extract.
- Close the extraction destination folder (C:\PsTools), which automatically opens in a new window when the extraction is complete.
Verify that lookup operations succeed
To verify that lookup operations succeed:
- Open a command prompt as an administrator. To open a command prompt as an administrator, click Start. In Start Search, type Command Prompt. At the top of the Start Menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
- Change the directory path to the folder where you extracted PsTools. For example, if you extracted PsTools to the C:\PsTools folder, type cd /d c:\pstools, and then press ENTER.
- Type the command net config rdr, and then press ENTER. In the resulting command output, note the Workstation domain name, which is used in the following command.
- Type psgetsid domainname**\guest**, and then press ENTER, where domainname is the Workstation domain name in the output from the previous command:
- If this is the first time that you have run psgetsid on this computer, the PsGetSid License Agreement appears. Read the license agreement. If you agree to the terms, click Agree. If you do not agree to the terms, you cannot verify lookup using PsGetSid or continue with the following directions.
- The output from this command displays the SID of the guest account for the domain. This SID starts with S-1-5-21 and ends with -501. The domain guest account SID is used in the following command.
- Type psgetsid dgsid, where dgsid is the domain guest account SID that is displayed by the previous command, and then press ENTER. The output of the command translates the SID to the name of the domain guest account.
- Type hostname, and then press ENTER. The output of the command displays the local computer name, which is used in the following command.
- Type psgetsid hostname**\guest**, and then press ENTER, where hostname is the name of the local computer that appears after you run the hostname command. The output from this command displays the SID of the guest account for the local computer. The local guest account SID starts with S-1-5-21 and ends with -501, but it should have a different set of digits between S-1-5-21 and -501 than the domain guest account SID. The local computer guest account SID is used in the following command.
- Type psgetsid lgsid, where lgsid is the local computer guest account SID that is displayed by the command that you ran in the previous step, and then press ENTER. The command output translates the SID to the name of the local computer guest account.
If the previous commands execute without error, the lookup operations are functioning successfully.