Re: Why do PC's lose their trust relationship?

From: ptwilliams (ptw2001_at_hotmail.com)
Date: 02/12/05 

Date: Sat, 12 Feb 2005 09:51:59 -0000

So you've fixed it?!?

Nice. Well done!! 

-- 
Paul Williams
http://www.msresource.net/
http://forums.msresource.net/
<-> wrote in message news:uCi6h%23JEFHA.624@TK2MSFTNGP15.phx.gbl...
I THINK I'VE GOT PAY DIRT!!!
----
Type: Error
Event ID: 4319
Source: NetBT
User: N/A
Generated: 2/2/2005 11:12:24 PM
Message: A duplicate name has been detected on the TCP network.  The IP
address of the
machine that sent the message is in the data. Use nbtstat -n in a command
window to see which name is in the Conflict state.
Type: Warning
Event ID: 3033
Source: MRxSmb
User: N/A
Generated: 2/2/2005 11:12:24 PM
Message: The redirector was unable to register the address for transport
NetBT_Tcpip_{2E4FDBD6-0CE7-42D3-997E-9161E for the following reason: .
Transport has been taken offline.
Some NBTstat logs
---------------
    ---------------------------------------------
    PC1NOPROB    <00>  UNIQUE      Registered
    PC1NOPROB    <20>  UNIQUE      Registered
    DOMAIN            <00>  GROUP       Registered
    DOMAIN            <1E>  GROUP       Registered
    PC1NOPROB    <01>  UNIQUE      Registered
C:\Documents and Settings\>nbtstat -a PC2NOTRUST
Local Area Connection:
Node IpAddress: [10.30.49.61] Scope Id: []
           NetBIOS Remote Machine Name Table
       Name               Type         Status
    ---------------------------------------------
    PC2NOTRUST         <00>  UNIQUE      Registered
    DOMAIN             <00>  GROUP       Registered
    PC2NOTRUST         <20>  UNIQUE      Registered
    PC2NOTRUST         <03>  UNIQUE      Registered
    PC2NOTRUST$        <03>  UNIQUE      Registered
    DOMAIN             <1E>  GROUP       Registered
    MAC Address = xx-11-xx-02-F1-1B
============================================
and the clincher:
<-> wrote in message news:uX50NeJEFHA.4020@TK2MSFTNGP14.phx.gbl...
>I see event logs on the domain controller saying their secure channel
>password isn't correct.  I was able to look at the PC's event log (though
>couldn't map an administrative share due to trust relationship failur) and
>honestly nothing looks out of the ordinary.  I did see one thing where a
>service running with a domain account wouldn't start due to a password
>issue, but that would I think be more a symptom rather than the problem
>itself.
>
> We do have the occasional network outage.  In the last couple of months we
> have had two 1/2 hour outages and have been told that outages of 5 minutes
> or less won't be reported by the NetAdmins.  Also, the server admins ran
> into this problem when rebooting a server and voluntarily rejoining it to
> the domain.
>
> The setup is with a 100mbit ethernet with FDDI backbone, all based on
> Cisco. We have three DC's, all at HQ building.
>
> The main problem is that occasionally a machine will not synchronize its
> LSA password and then, it cannot serve.  Best guess is that it had network
> problems when it was its time to synchronize it, and it just got out of
> sync.
>
> I have checked the netlogon logs and not seen anything, I'll run the
> kerberos check and see if that turns anything up.
>
> "ptwilliams" <ptw2001@hotmail.com> wrote in message
> news:uBZT4nHEFHA.1600@TK2MSFTNGP10.phx.gbl...
>>I assume we're talking about the secure channel trusts?  If this is
>> happening you've probably got networking problems, and/ or name
>> resolution
>> problems.
>>
>> Like Allen said, are there errors/ warnings in the event logs?
>>
>> Are these mainly remote machines over a poor line, etc.?
>>
>> What can you tell us about your setup and the environment?
>>
>>
>> -- 
>>
>> Paul Williams
>>
>> http://www.msresource.net/
>> http://forums.msresource.net/
>>
>> <-> wrote in message news:uOFjl2FEFHA.4072@TK2MSFTNGP10.phx.gbl...
>> I say PC's but it can say servers too.  I'm not quite so concerned if
>> it's
>> just a workstation but when it happens to a windows server it can no
>> longer
>> serve.  The computer accounts haven't been deleted from the domain.  Is
>> there anything I can do proactively?
>>
>>
>>
>
>

Relevant Pages

  • Re: Why do PCs lose their trust relationship?
    ... A duplicate name has been detected on the TCP network. ... NetBIOS Remote Machine Name Table ... >I see event logs on the domain controller saying their secure channel>password isn't correct. ... the server admins ran> into this problem when rebooting a server and voluntarily rejoining it to> the domain. ...
    (microsoft.public.windows.server.active_directory)
  • Re: indexing network drive
    ... The remote machine is a win2000 server on the ... The connect as account is a domain user with full permissions on the ... > | I'm trying to add a network path to what the indexing service includes. ...
    (microsoft.public.inetserver.indexserver)
  • Response.Redirect problem from remote machine
    ... I have the code working on a remote machine as ... server from a remote machine it does not work. ... within the network and from outside. ... Windows SBS 2003, ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Loading Personal Settings takes 10 mins
    ... If the PC in question is having network issues, you could make sure the NIC driver is current and run the NIC diagnostic app if there is one. ... I'd check the server event logs just in case, but if it's only one PC, I doubt the server is involved. ... Does Outlook performance seem normal other than when attempting to attach files over the network? ...
    (microsoft.public.windows.server.sbs)
  • RE: Server 2003 hangs
    ... When the server is network dead/ console ... If you've checked the event logs and there is nothing obvious, ... Nothing in event log at time when hang occurs. ...
    (microsoft.public.windows.server.general)