Re: Lsasrv Event ID 40960
- From: "Ace Fekay [MVP]" <PleaseAskMe@xxxxxxxxxxxxxx>
- Date: Wed, 24 May 2006 19:04:02 -0400
In news:OoTpvXjfGHA.4864@xxxxxxxxxxxxxxxxxxxx,
kbergros <kbergros@xxxxxxxxxxx> stated, which I commented on below:
Hi!
I'm having a problem that really disturb me.....
I get on 2 of my windows 2003 memberservers a logentry twice a day
saying the following:
Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40960
Date: 2006-05-21
Time: 03:43:47
User: N/A
Computer: gimli
Description:
The Security System detected an authentication error for the server
ldap/gollum.test.timber.se/test.timber.se@xxxxxxxxxxxxxxx The failure
code from authentication protocol Kerberos was "The attempted logon is
invalid. This is either due to a bad username or authentication
information. (0xc000006d)".
I checked everything according to DNS entries and everything looks OK.
I have followed the suggestions on Event id net, but no luck in
solving this problem.
Before I had a logging that also stated the 40961 event but that
logging has stopped since I upgraded to Service pack 1.
The thing is on my other windows 2003 member servers I don't get this
loggentry.
I have two Domaincontrollers one is Windows 2003 (has all FSMO roles
and the Global catalog) and one is Windows 2000 ((also has the global
catalog).
One thing that i can see that the machines that has the error logging
has the 2000 server as logon server... the other ones (without the
problem) has the windows 2003 server as logon server.... can this has
something to do with the error logging?
Regards
Kbergros
Usually creating a reverse zone for your subnet(s) and insuring all DCs
(especially the 2003 DCs) have a PTR entry to eliminate this error. On 2003
systems, the SPNEGO, (the SPN identifier) uses the reverse entry to identify
itself, hence "Ego".
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest to use OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.
It's easy:
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer
Infinite Diversities in Infinite Combinations
Assimilation Imminent. Resistance is Futile
"Very funny Scotty. Now, beam down my clothes."
The only thing in life is change. Anything more is a blackhole consuming
unnecessary energy. - [Me]
.
- Follow-Ups:
- Re: Lsasrv Event ID 40960
- From: kbergros
- Re: Lsasrv Event ID 40960
- References:
- Lsasrv Event ID 40960
- From: kbergros
- Lsasrv Event ID 40960
- Prev by Date: Re: Cannot create the object because directory service was unable to allocate a relative identifier
- Next by Date: Re: SIDs instead of the user friendly names
- Previous by thread: Lsasrv Event ID 40960
- Next by thread: Re: Lsasrv Event ID 40960
- Index(es):
Relevant Pages
|
