RE: AD trusts

Dear,

These problems are often naming resolution based problems. Is your DNS
functioning correctly? Try to resolve all of the records found in the
c:\windows\system32\config\netlogon.dns file. All these records should exist
on the DNS servers.

If you’re not sure about the content of this file, stop the netlogon service,
delete the file, restart the netlogon service and perform an ipconfig
/registerdns. Max 15 min. later, all these records should exist on the DNS
servers.

Regards,
Peter


"Stubsy" wrote:

Hi,

I have inherited a network built by someone else. There are three domains on
three subnets. B trusts A and B trusts C. The trust between B and A is
working OK. However the trust between B and C is giving trouble. The security
log on domain C is full

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1006
Date: 5/29/2006
Time: 10:04:13 AM
User: NT AUTHORITY\SYSTEM
Computer: ANDROMADA
Description:
Windows cannot bind to domainB.local domain. (Local Error). Group Policy
processing aborted.

and

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1030
Date: 5/29/2006
Time: 9:58:21 AM
User: SIHS\Administrator
Computer: ANDROMADA
Description:
Windows cannot query for the list of Group Policy objects. Check the event
log for possible messages previously logged by the policy engine that
describes the reason for this.

System log has
Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40960
Date: 5/29/2006
Time: 11:19:14 AM
User: N/A
Computer: ANDROMADA
Description:
The Security System detected an authentication error for the server
ldap/andromada.sihs.local/stignatius.local@xxxxxxxxxxxxxxxxx The failure
code from authentication protocol Kerberos was "There are currently no logon
servers available to service the logon request.
(0xc000005e)".


Security log has

Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event ID: 675
Date: 5/29/2006
Time: 11:30:42 AM
User: NT AUTHORITY\SYSTEM
Computer: ANDROMADA
Description:
Pre-authentication failed:
User Name: kristi.ebanks
User ID: SIHS\kristi.ebanks
Service Name: krbtgt/SIHS
Pre-Authentication Type: 0x2
Failure Code: 0x18
Client Address: 192.168.3.111

I cannot delete the trust from the server in domain C. If I try and verify
the trust I get

The secure channel (SC) verification on domain controller
\\andromada.sihs.local of domain sihs.local to domain sihs.local failed with
error: The specified domain either does not exist or could not be contacted.
(sihs is domain C)


I have managed to delete the trust and recreate it from domain B, but the
error remains.

Any ideas?
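
The check suggested in the reply above (every record in netlogon.dns should exist on the DNS servers), as an added example that is not part of the original thread: it parses the file's record lines and reports the ones a lookup does not return. The sample file content, the zone data, the address and the GUID are constructed; `sample_lookup` and `dnspython_lookup` are hypothetical helper names, and the live lookup assumes the third-party dnspython package.

```python
import re

# Constructed netlogon.dns content: host and domain names follow the thread,
# the address and GUID are made up for this example.
SAMPLE_NETLOGON_DNS = """\
sihs.local. 600 IN A 192.0.2.10
_ldap._tcp.sihs.local. 600 IN SRV 0 100 389 andromada.sihs.local.
_kerberos._tcp.dc._msdcs.sihs.local. 600 IN SRV 0 100 88 andromada.sihs.local.
0f3c2a1e-1111-2222-3333-444455556666._msdcs.sihs.local. 600 IN CNAME andromada.sihs.local.
"""
# Constructed stand-in for what the DNS server answers; the Kerberos SRV is absent.
SAMPLE_ZONE = {
    ("sihs.local", "A"): ["192.0.2.10"],
    ("_ldap._tcp.sihs.local", "SRV"): ["0 100 389 Andromada.sihs.local."],
    ("0f3c2a1e-1111-2222-3333-444455556666._msdcs.sihs.local", "CNAME"): ["andromada.sihs.local."],
}
RECORD_RE = re.compile(r"^(\S+)\s+\d+\s+IN\s+(A|AAAA|CNAME|SRV)\s+(.+)$", re.IGNORECASE)

def norm(value):
    """Lower-case, collapse whitespace and drop the trailing root dot."""
    return " ".join(value.lower().split()).rstrip(".")

def parse_netlogon_dns(text):
    """Return (owner name, type, rdata) tuples for each record line."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        match = RECORD_RE.match(line)
        if match is None:
            raise ValueError("unrecognised netlogon.dns line: " + line)
        name, rtype, rdata = match.groups()
        records.append((norm(name), rtype.upper(), norm(rdata)))
    return records

def find_missing(records, lookup):
    """lookup(name, rtype) returns the rdata strings DNS answered ([] if none)."""
    return [r for r in records if r[2] not in {norm(a) for a in lookup(r[0], r[1])}]

def sample_lookup(name, rtype):
    return SAMPLE_ZONE.get((name, rtype), [])

def dnspython_lookup(name, rtype):
    """Live lookup; assumes the third-party dnspython package is installed."""
    import dns.resolver
    try:
        return [rr.to_text() for rr in dns.resolver.resolve(name, rtype)]
    except (dns.resolver.NXDOMAIN, dns.resolver.NoAnswer):
        return []

if __name__ == "__main__":
    for name, rtype, rdata in find_missing(parse_netlogon_dns(SAMPLE_NETLOGON_DNS), sample_lookup):
        print("not in DNS:", name, rtype, rdata)
```

Against a real domain controller, read the file's text into `parse_netlogon_dns` and pass `dnspython_lookup` instead of `sample_lookup`.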