Re: ptwilliams?

From: Mark Renoden [MSFT] (markreno_at_online.microsoft.com)
Date: 07/28/04


Date: Thu, 29 Jul 2004 08:43:08 +1000

Hi

Which DC is the PDCe? I'm guessing opsw2ksvr1?

If so, I'd suggest:

1. Point both DCs to opsw2ksvr1 as the preferred DNS server.

2. Reset the secure channel for lexw2ksvr1:

    216393 Resetting computer accounts in Windows 2000 and Windows XP
    http://support.microsoft.com/?id=216393

If this issue has been around for some time (>60 days) you may need to
remove lexw2ksvr1 from the domain as a DC and re-promote. If you think this
is the way you want to head, post back and I'll provide more details.

Kind regards

-- 
Mark Renoden [MSFT]
Windows Platform Support Team
Email: markreno@online.microsoft.com
Please note you'll need to strip ".online" from my email address to email 
me; I'll post a response back to the group.
This posting is provided "AS IS" with no warranties, and confers no rights.

"C Hall" <someone@microsoft.com> wrote in message news:Op$cDiOdEHA.3380@TK2MSFTNGP12.phx.gbl...
> Hi Paul,
>
> I've seen your posts throughout this great forum and you've helped me in the
> past. I'm trying to narrow down a problem with one of my two DCs and was
> hoping you could give me some pointers. I'm having problems with the 2nd dc
> installed in the network. A while back (June), I had run netdiag just as a
> precaution, and everything was looking fine. I started having problems with
> time synch, which I was able to resolve. Afterwards, I tried to open ADUC
> and received the following message:
>
>        Naming information cannot be located because: The logon attempt
> failed.
>
> I get the same message with ADSS.
>
> Looking at the event viewer, I saw errors in Application:
>
>        Event Type: Error
>        Event Source: Userenv
>        Event Category: None
>        Event ID: 1000
>        Date:  7/16/2004
>        Time:  4:20:02 PM
>        User:  NT AUTHORITY\SYSTEM
>        Computer: LEXW2KSVR1
>        Description:
>        Windows cannot determine the user or computer name. Return value
> (1326).
>
> I ran netdiag and get this:
>
>    DC list test . . . . . . . . . . . : Failed
>    [WARNING] Cannot call DsBind to lexw2ksvr1.secfedbank.com 
> (10.20.132.2).
> [ERROR_LOGON_FAILURE]
>
>
> Trust relationship test. . . . . . : Passed
>    Secure channel for domain 'SECFEDBANK' is to
> '\\opsw2ksvr1.secfedbank.com'.
>
>
> Kerberos test. . . . . . . . . . . : Failed
>        [FATAL] Kerberos does not have a ticket for LEXW2KSVR1$.
>
>
> LDAP test. . . . . . . . . . . . . : Passed
>    [WARNING] Failed to query SPN registration on DC
> 'lexw2ksvr1.secfedbank.com'.
>    [FATAL] Cannot do NTLM authenticated ldap_bind to
> 'opsw2ksvr1.secfedbank.com': Invalid Credentials.
>    [FATAL] Cannot do Negotiate authenticated ldap_bind to
> 'opsw2ksvr1.secfedbank.com': Invalid Credentials.
>    [WARNING] Failed to query SPN registration on DC
> 'opsw2ksvr1.secfedbank.com'.
>
>
>
> When I installed both DCs, I was cautious as to the problems that
> misconfigured dns could cause, so everything there is correct (;-p). I've
> verified AD installation & srv records. I've googled and searched for
> answers on technet for LDAP errors and event id:1000, to no avail. Per kb
> article 329887, I've reset security configuration and that didn't work
> either. At the moment, I'm reading AD Troubleshooting Chapter 10, which I
> found on the MS website. I'm not too familiar with LDAP, which seems to be
> having some problems.
>
> If you could offer any insight, I'd greatly appreciate it!
>
> 
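
Added example, not part of either post: a small Python triage parser for netdiag output like the one quoted above. It rejoins wrapped lines and reports tests that failed or that are marked Passed while still carrying [FATAL] lines, as the LDAP test does here. The function names `parse_netdiag` and `triage` are hypothetical, and the sample is an excerpt of the quoted output.

```python
import re

# Constructed sample: excerpt of the netdiag output quoted in the post, wraps kept.
SAMPLE = r"""
DC list test . . . . . . . . . . . : Failed
   [WARNING] Cannot call DsBind to lexw2ksvr1.secfedbank.com
(10.20.132.2).
[ERROR_LOGON_FAILURE]
Kerberos test. . . . . . . . . . . : Failed
       [FATAL] Kerberos does not have a ticket for LEXW2KSVR1$.
LDAP test. . . . . . . . . . . . . : Passed
   [WARNING] Failed to query SPN registration on DC
'lexw2ksvr1.secfedbank.com'.
   [FATAL] Cannot do NTLM authenticated ldap_bind to
'opsw2ksvr1.secfedbank.com': Invalid Credentials.
   [FATAL] Cannot do Negotiate authenticated ldap_bind to
'opsw2ksvr1.secfedbank.com': Invalid Credentials.
"""

HEADER = re.compile(r"^(?P<name>.+? test)[ .]*: (?P<status>\w+)$")
TAGGED = re.compile(r"^\[(?P<sev>WARNING|FATAL)\]\s*(?P<msg>.*)$")

def parse_netdiag(text):
    """Group netdiag lines by test; tolerate '>' quoting and wrapped messages."""
    tests = []
    for raw in text.splitlines():
        line = raw.lstrip("> ").strip()
        head = HEADER.match(line)
        if head:
            tests.append({"name": head["name"], "status": head["status"], "messages": []})
            continue
        if not line or not tests:
            continue
        msgs = tests[-1]["messages"]
        tag = TAGGED.match(line)
        if tag:
            msgs.append([tag["sev"], tag["msg"]])
        elif msgs:
            msgs[-1][1] += " " + line  # continuation of a wrapped message
        else:
            msgs.append(["INFO", line])  # untagged detail directly under a header
    return tests

def triage(tests):
    """Return (name, status, fatal_count) for tests that failed or hide FATAL lines."""
    rows = [(t["name"], t["status"], sum(s == "FATAL" for s, _ in t["messages"])) for t in tests]
    return [r for r in rows if r[1] != "Passed" or r[2]]

if __name__ == "__main__":
    print(triage(parse_netdiag(SAMPLE)))
```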

