Re: ptwilliams?

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: C Hall (someone_at_microsoft.com)
Date: 08/02/04 

Date: Mon, 2 Aug 2004 09:04:08 -0400

Paul,

Here it is:

C:\>nltest /sc_query:secfedbank
Flags: 30 HAS_IP HAS_TIMESERV
Trusted DC Name \\opsw2ksvr1.secfedbank.com
Trusted DC Connection Status Status = 0 0x0 NERR_Success
The command completed successfully

"ptwilliams" <ptw2001@hotmail.com> wrote in message
news:OLqQVv$dEHA.3864@TK2MSFTNGP10.phx.gbl...
> Hi C Hall, thanks for the vote of confidence and the praise!!! I'm really
> chuffed!!! Sorry for the delay, I've been away for a day or two...
>
> Well, I'm glad Mark was able to help you!! I was unaware that you can't
> reset a secure channel password using RDP!! That's both interesting and
> helpful!! Thanks Mark ;-)
>
> Anyway, enough time has now passed whether needed or not. So...are you
> still getting these issues?? I assume so... And, just to clarify, what
> secret password did you reset? The DCs that's throwing the errors I
assume,
> but thought I'd best check??
>
> On the DC that has these problems, run this:
>
> C:\>nltest /sc_query:secfedbank.com
>
>
> And post the result...
>
>
> --
>
> Paul Williams
> _________________________________________
> http://www.msresource.net
>
>
> Join us in our new forums!
> http://forums.msresource.net
> _________________________________________
>
>
> "C Hall" <someone@microsoft.com> wrote in message
> news:O1uejlkdEHA.1152@TK2MSFTNGP09.phx.gbl...
> I may have spoke too soon....I just got back into the office and although
> logging into the console and getting a 'command completed successfully'
> message, when I tried to open AD tools through Terminal Servcies, I get
the
> same message as before: "Naming information cannot be located because: The
> logon attempt failed."
>
> Should I restart the server? Or perhaps just give it time...suggestions?
>
>
>
> "Mark Renoden [MSFT]" <markreno@online.microsoft.com> wrote in message
> news:#8MEKzbdEHA.4048@TK2MSFTNGP12.phx.gbl...
> > Hi
> >
> > You got the message "The specified network password is not correct"
> because
> > you tried to do this via a Terminal Session. Try logging onto the
console
> > instead.
> >
> > Kind regards
> > --
> > Mark Renoden [MSFT]
> > Windows Platform Support Team
> > Email: markreno@online.microsoft.com
> >
> > Please note you'll need to strip ".online" from my email address to
email
> > me; I'll post a response back to the group.
> >
> > This posting is provided "AS IS" with no warranties, and confers no
> rights.
> >
> > "C Hall" <someone@microsoft.com> wrote in message
> > news:e67JiNXdEHA.556@tk2msftngp13.phx.gbl...
> > > Mark,
> > >
> > > I tried to do this on the server (throught TS) in question and
received
> an
> > > error: The specified network password is not correct. The command
failed
> > > to
> > > complete successfully.
> > >
> > > Tried it on the other dc and received: The network path was not found.
> The
> > > command failed to complete successfully.
> > >
> > > Trying to do this with ADUC, I get the message that it's a dc and the
> > > password cannot be reset.
> > >
> > > I guess this means that I'm going to have to demote/promote the dc?
> > >
> > > "C Hall" <someone@microsoft.com> wrote in message
> > > news:es$4#4WdEHA.4004@TK2MSFTNGP10.phx.gbl...
> > >> Mark,
> > >>
> > >> You are correct, opsw2ksvr1 is the PDCe. I do have both servers
> pointing
> > > at
> > >> it as the dns server and will will reset the secure channel. The
first
> I
> > > saw
> > >> this message was 6/30 and it wasn't until the middle of this month
that
> > > it's
> > >> (the error in event viewer) been happening with any frequency.
> > >>
> > >> Thanks for your reply and I'll post back the results.
> > >>
> > >>
> > >>
> > >> "Mark Renoden [MSFT]" <markreno@online.microsoft.com> wrote in
message
> > >> news:O1MqpQPdEHA.1152@TK2MSFTNGP09.phx.gbl...
> > >> > Hi
> > >> >
> > >> > Which DC is the PDCe? I'm guessing opsw2ksvr1?
> > >> >
> > >> > If so, I'd suggest:
> > >> >
> > >> > 1. Point both DC's to opsw2ksvr1 as the preferred DNS server.
> > >> >
> > >> > 2. Reset the secure channel for lexw2ksvr1:
> > >> >
> > >> > 216393 Resetting computer accounts in Windows 2000 and Windows
XP
> > >> > http://support.microsoft.com/?id=216393
> > >> >
> > >> > If this issue has been around for some time (>60 days) you may need
> to
> > >> > remove lexw2ksvr1 from the domain as a DC and re-promote. If you
> think
> > >> this
> > >> > is the way you want to head, post back and I'll provide more
details.
> > >> >
> > >> > Kind regards
> > >> > --
> > >> > Mark Renoden [MSFT]
> > >> > Windows Platform Support Team
> > >> > Email: markreno@online.microsoft.com
> > >> >
> > >> > Please note you'll need to strip ".online" from my email address to
> > > email
> > >> > me; I'll post a response back to the group.
> > >> >
> > >> > This posting is provided "AS IS" with no warranties, and confers no
> > >> rights.
> > >> >
> > >> > "C Hall" <someone@microsoft.com> wrote in message
> > >> > news:Op$cDiOdEHA.3380@TK2MSFTNGP12.phx.gbl...
> > >> > > Hi Paul,
> > >> > >
> > >> > > I've seen your posts throughout this great forum and you've
helped
> me
> > > in
> > >> > > the
> > >> > > past. I'm trying to narrow down a problem with one of my two DCs
> and
> > > was
> > >> > > hoping you could give me some pointers. I'm having problems with
> the
> > > 2nd
> > >> > > dc
> > >> > > installed in the network. A while back (June), I had run netdiag
> just
> > > as
> > >> a
> > >> > > precaution, and everything was looking fine. I started having
> > >> > > problems
> > >> > > with
> > >> > > time synch, which I was able to resolve. Afterwards, I tried to
> open
> > >> ADUC
> > >> > > and received the following message:
> > >> > >
> > >> > > Naming information cannot be located because: The logon
> > >> > > attempt
> > >> > > failed.
> > >> > >
> > >> > > I get the same message with ADSS.
> > >> > >
> > >> > > Looking at the event viewer, I saw errors in Application:
> > >> > >
> > >> > > Event Type: Error
> > >> > > Event Source: Userenv
> > >> > > Event Category: None
> > >> > > Event ID: 1000
> > >> > > Date: 7/16/2004
> > >> > > Time: 4:20:02 PM
> > >> > > User: NT AUTHORITY\SYSTEM
> > >> > > Computer: LEXW2KSVR1
> > >> > > Description:
> > >> > > Windows cannot determine the user or computer name. Return
> > > value
> > >> > > (1326).
> > >> > >
> > >> > > I ran netdiag and get this:
> > >> > >
> > >> > > DC list test . . . . . . . . . . . : Failed
> > >> > > [WARNING] Cannot call DsBind to lexw2ksvr1.secfedbank.com
> > >> > > (10.20.132.2).
> > >> > > [ERROR_LOGON_FAILURE]
> > >> > >
> > >> > >
> > >> > > Trust relationship test. . . . . . : Passed
> > >> > > Secure channel for domain 'SECFEDBANK' is to
> > >> > > '\\opsw2ksvr1.secfedbank.com'.
> > >> > >
> > >> > >
> > >> > > Kerberos test. . . . . . . . . . . : Failed
> > >> > > [FATAL] Kerberos does not have a ticket for LEXW2KSVR1$.
> > >> > >
> > >> > >
> > >> > > LDAP test. . . . . . . . . . . . . : Passed
> > >> > > [WARNING] Failed to query SPN registration on DC
> > >> > > 'lexw2ksvr1.secfedbank.com'.
> > >> > > [FATAL] Cannot do NTLM authenticated ldap_bind to
> > >> > > 'opsw2ksvr1.secfedbank.com': Invalid Credentials.
> > >> > > [FATAL] Cannot do Negotiate authenticated ldap_bind to
> > >> > > 'opsw2ksvr1.secfedbank.com': Invalid Credentials.
> > >> > > [WARNING] Failed to query SPN registration on DC
> > >> > > 'opsw2ksvr1.secfedbank.com'.
> > >> > >
> > >> > >
> > >> > >
> > >> > > When I installed both DCs, I was cautious as to the problems that
> > >> > > misconfigured dns could cause, so everything there is correct
> (;-p).
> > >> I've
> > >> > > verified AD installation & srv records. I've googled and searched
> for
> > >> > > answers on technet for LDAP errors and event id:1000, to no
avail.
> > >> > > Per
> > >> kb
> > >> > > article 329887, I've reset security configuration and that didn't
> > >> > > work
> > >> > > either. At the moment, I'm reading AD Troubleshooting Chapter 10,
> > > which
> > >> I
> > >> > > found on the MS website. I'm not to familiar with LDAP, which
seems
> > >> > > to
> > >> be
> > >> > > having some problems.
> > >> > >
> > >> > > If you could offer any insight, I'd greatly appreciate it!
> > >> > >
> > >> > >
> > >> >
> > >> >
> > >>
> > >>
> > >
> > >
> >
> >
> >
>
>
>

Relevant Pages

  • Re: ptwilliams?
    ... I may have spoke too soon....I just got back into the office and although ... message, when I tried to open AD tools through Terminal Servcies, I get the ... Try logging onto the console ...
    (microsoft.public.win2000.active_directory)
  • Re: Disappearing files, created from /etc/X11/Xclients
    ... Please include freebsd-questions on any replies. ... Also there is no console because this is the /etcX11/Xclients script, e.g. it is executed by gdm after logging in to X window system through xdmpc. ... If that fails, then try opening the file in the home directory of the user who you are testing as. ...
    (freebsd-questions)
  • Iptables and logging to the console
    ... How can I stop Iptables logging to the console? ... # Kernel sysctl configuration file for Red Hat Linux ... # Controls source route verification ...
    (Fedora)
  • Re: How to copy files/pictures from CD in Suse 11.3 ?
    ... On Friday 23 Jul 2010 18:34, while playing with a tin of spray paint, ... at the bottom tool bar are not as they were originally (some on the ... console and delete the file there, before logging off from the console ... and the logging back into the GUI desktop. ...
    (alt.os.linux.suse)
  • Re: debugging pppoe
    ... On Monday 11 June 2007 22:54, Michael P. Soulier wrote: ... I turned up the logging and I had to turn it down before it ... The default is ``set log local'' (i.e., ... Something else of possible interest is that ppp, can serve its console ...
    (freebsd-questions)