Re: Errors 40960 & 40961 ...

In news:406BA180-9E29-42AF-9C9A-72736B0091C2@xxxxxxxxxxxxx,
Mike T. <MikeT@xxxxxxxxxxxxxxxxxxxxxxxxx> commented
Then Kevin replied below:
> I've been receiving these error msgs for a few months now
> - they show up once an hour and I for the life of me
> cannot get them to go away.
>
> They are on 2 external DNS servers running W2K3 with all
> the latest updates. They are in their own workgroup on
> the DMZ.
>
> Here's the events in the event log:
>
> Event Type: Warning
> Event Source: LSASRV
> Event Category: SPNEGO (Negotiator)
> Event ID: 40961
> Date: 3/30/2005
> Time: 11:51:05 AM
> User: N/A
> Computer: NS1
> Description:
> The Security System could not establish a secured
> connection with the server DNS/prisoner.iana.org. No
> authentication protocol was available.
>
>
> Event Type: Warning
> Event Source: LSASRV
> Event Category: SPNEGO (Negotiator)
> Event ID: 40960
> Date: 3/30/2005
> Time: 11:51:05 AM
> User: N/A
> Computer: NS1
> Description:
> The Security System detected an authentication error for
> the server DNS/prisoner.iana.org. The failure code from
> authentication protocol Kerberos was "There are currently
> no logon servers available to service the logon request.
> (0xc000005e)".
>
> Any ideas how to fix this ...???

Create a reverse lookup zone for your IP Network, then make sure the DC and
all clients use only the internal DNS server.
What is happening is your DC is trying to register its PTR record at the
internet black hole servers for private IP addresses. (That's the
prisoner.iana.org)



--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================


.

Relevant Pages

  • Errors 40960 & 40961 ...
    ... I've been receiving these error msgs for a few months now - they show up once ... They are on 2 external DNS servers running W2K3 with all the latest updates. ... No authentication protocol was available. ... Kerberos was "There are currently no logon servers available to service the ...
    (microsoft.public.windows.server.dns)
  • Re: Problem joining domain
    ... Are you joining the other servers as member servers or are you trying to ... it looks like a DNS problem. ... > Event Source: Userenv ... No authentication protocol was available. ...
    (microsoft.public.win2000.active_directory)
  • Re: Swap server IP & name
    ... If these are member servers, all you need to do is rename the existing ...
    (microsoft.public.windows.server.active_directory)