ptwilliams?

From: C Hall (someone_at_microsoft.com)
Date: 07/28/04


Date: Wed, 28 Jul 2004 17:19:00 -0400

Hi Paul,

I've seen your posts throughout this great forum and you've helped me in the
past. I'm trying to narrow down a problem with one of my two DCs and was
hoping you could give me some pointers. I'm having problems with the 2nd DC
installed in the network. A while back (June), I had run netdiag just as a
precaution, and everything was looking fine. I started having problems with
time synch, which I was able to resolve. Afterwards, I tried to open ADUC
and received the following message:

        Naming information cannot be located because: The logon attempt failed.

I get the same message with ADSS.

Looking at the event viewer, I saw errors in Application:

        Event Type: Error
        Event Source: Userenv
        Event Category: None
        Event ID: 1000
        Date: 7/16/2004
        Time: 4:20:02 PM
        User: NT AUTHORITY\SYSTEM
        Computer: LEXW2KSVR1
        Description:
        Windows cannot determine the user or computer name. Return value (1326).

I ran netdiag and get this:

    DC list test . . . . . . . . . . . : Failed
        [WARNING] Cannot call DsBind to lexw2ksvr1.secfedbank.com (10.20.132.2). [ERROR_LOGON_FAILURE]

    Trust relationship test. . . . . . : Passed
        Secure channel for domain 'SECFEDBANK' is to '\\opsw2ksvr1.secfedbank.com'.

    Kerberos test. . . . . . . . . . . : Failed
        [FATAL] Kerberos does not have a ticket for LEXW2KSVR1$.

    LDAP test. . . . . . . . . . . . . : Passed
        [WARNING] Failed to query SPN registration on DC 'lexw2ksvr1.secfedbank.com'.
        [FATAL] Cannot do NTLM authenticated ldap_bind to 'opsw2ksvr1.secfedbank.com': Invalid Credentials.
        [FATAL] Cannot do Negotiate authenticated ldap_bind to 'opsw2ksvr1.secfedbank.com': Invalid Credentials.
        [WARNING] Failed to query SPN registration on DC 'opsw2ksvr1.secfedbank.com'.

When I installed both DCs, I was cautious as to the problems that
misconfigured DNS could cause, so everything there is correct (;-p). I've
verified AD installation & SRV records. I've googled and searched for
answers on TechNet for LDAP errors and event ID 1000, to no avail. Per KB
article 329887, I've reset security configuration and that didn't work
either. At the moment, I'm reading AD Troubleshooting Chapter 10, which I
found on the MS website. I'm not too familiar with LDAP, which seems to be
having some problems.

If you could offer any insight, I'd greatly appreciate it!


