Event id 40960

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

OK...i'll try to keep it brief.

I am trying to terminal service (using remote desktop) using an account in
the parent domain to a few windows 2003 servers which reside in a child
domain.

I am trying with a domain admin account from the parent domain which is a
member of the local admin group on all the W2K03 servers in the child
domain.

Everytime I try I get an event 40960 in the system log and an "access is
denied message" in Remote desktop

The Security System detected an authentication error for the server
cifs/parent_domain_domain_controller.parentdomain.com. The failure code
from authentication protocol Kerberos was "No authority could be contacted
for authentication.

NOTE: Whats interesting is I can login to these W2k03 servers residing in
the child domain with my parent domain account if I was at the console!! It
only fails through remote desktop/terminal services.

Trust is working fine because in the same child domain I have windows 2000
servers as well and I can terminal to these using my account from the
parent domain.

Can anyone help?

These have all be unapplicable :

http://www.eventid.net/display.asp?
eventid=40960&eventno=787&source=LsaSrv&phase=1
http://support.microsoft.com/?id=823712
http://support.microsoft.com/?id=824217

IPconfig details



Windows IP Configuration



Host Name . . . . . . . . . . . . : pewplo33

Primary Dns Suffix . . . . . . . : childomain.parentdomain.com

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : childomain.parentdomain.com

parentdomain.com



Ethernet adapter VIP_Production:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : BASP Virtual Adapter

Physical Address. . . . . . . . . : 00-0F-1F-6D-E6-70

DHCP Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 10.253.7.63

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 10.253.7.1

DNS Servers . . . . . . . . . . . : 10.253.7.64

10.253.7.65



PPP adapter {76B6AC9A-FC88-4971-BFF4-DF3E7CBBEDE2}:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface

Physical Address. . . . . . . . . : 00-53-45-00-00-00

DHCP Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 192.168.234.235

Subnet Mask . . . . . . . . . . . : 255.255.255.255

Default Gateway . . . . . . . . . :

NetBIOS over Tcpip. . . . . . . . : Disabled
.

Relevant Pages

  • Account lockout after changing password.
    ... passwords. ... logs on and accesses a resource the account locks out. ... We are running a Windows 2000 network mixed mode though ... All Windows 2000 servers are running ...
    (microsoft.public.win2000.security)
  • Strange Issue With a Renamed Account
    ... I have an Active Directory (Windows 2003 DCs) environment with two domains in one tree. ... A user account was created in the parent domain and was found to be misnamed, so it was renamed with the correct information. ... This problem doesn't appear on any Windows 2003 member servers in either domain, or on any Windows 2000 member servers in the parent domain. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Services losing Login Info
    ... They are Windows 2003 Std Edition. ... The account being used is a domain ... correct error message. ... The service works on 130 other servers that I support ...
    (microsoft.public.windows.server.general)
  • Re: Administrator Account Locking Out
    ... Can occur if you are using the account also for services and did not change the password also on a service where it is used. ... Windows 2003 Servers and Windows 2000 servers. ... I have looked in both the event logs, turned on netlogon logging, etc. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Setting up new Child Domain
    ... you're trying to add users from the parent domain to the Local Remote ... child domain of the MAIN domain network. ... Servers through RDP and they will use their NT logins. ... log on with my internal account. ...
    (microsoft.public.windows.server.active_directory)