Re: Enormous security problem

From: Glenn L (the.only(delete)_at_gmail)
Date: 01/24/05


Date: Sun, 23 Jan 2005 19:39:26 -0800

Not sure what is happening.
What is the LDAP failure return code in Netdiag?

Try the following test.
Use kerbtray from the resource kit.
Log in as a domain admin user.
Launch kerbtray and view the tickets. Do they look good?
Launch LDP.EXE (part of support tools).
Connect to the DC and bind to the DC with the currently logged in creds.
Does this fail? What is the exact error in LDP.EXE?
Now purge your Kerberos tickets.
Attempt the LDAP bind again.
Does it fail? Same error?

Please post the contents of the 680s and 529s to this thread.
Are there errors on the file server, perhaps Kerberos errors in the system
log?

-- 
Glenn L
CCNA, MCSE 2000/2003 + Security
"wosully" <wosully@discussions.microsoft.com> wrote in message 
news:90E9C6D1-7910-4C2B-8F80-72326D5953CF@microsoft.com...
> Hi all,
>
> I have one 2003 DC without any service pack, and one 2003 file server with
> SP1 RC1, and I have run netdiag from the command line on the file server and
> the LDAP tests have continually failed; no other tests fail.  Any account
> (even domain admin) that I log onto the file server with and use computer mgt
> snap in to manage the DC, shows up in the DC's security log as a failed
> authentication (680 and 529 errors).  Eventually the accounts are locked out
> every time.  I had to disable account lock out in the default domain policy.
> I have tried changing the accounts' passwords.  I have even taken the file
> server out of the domain and renamed it prior to inserting it back into the
> domain, but the problem persists.  I have tested this with other domain admin
> accounts and the result is the same.
>
> When I open up comp mgt from the file server pointed at the DC and scroll to
> the security log, all I have to do is select the security log and hit refresh
> and a new pair of failure audits pops up until the account is locked again.
>
> What would cause this problem and who do I need to pay off to fix it?
>
> -- 
> MCSE: Security, CCNA, A+, Network +, Security+ 
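
One way to triage the 680 and 529 failure audits discussed in this thread, added here as an example and not written by either poster: it groups exported DC security-log records by account and source workstation and reports the pairs that fail often enough to trip account lockout. The one-line record format, the sample values, and the window and threshold defaults are constructed assumptions.

```python
# Added example. The record format and every sample value are constructed.
from collections import defaultdict
from datetime import datetime, timedelta

# NTSTATUS values seen in event 680 failure records (529 carries no code: "-")
CODES = {
    "0xC000006A": "wrong password",
    "0xC0000064": "no such user",
    "0xC0000234": "account locked out",
}

SAMPLE = """\
2005-01-23 19:01:02 680 acct=admin1 ws=FILESRV1 code=0xC000006A
2005-01-23 19:01:02 529 acct=admin1 ws=FILESRV1 code=-
2005-01-23 19:01:09 680 acct=admin1 ws=FILESRV1 code=0xC000006A
2005-01-23 19:01:09 529 acct=admin1 ws=FILESRV1 code=-
2005-01-23 19:01:15 680 acct=admin1 ws=FILESRV1 code=0xC0000234
2005-01-23 19:40:00 529 acct=user2 ws=WKSTN7 code=-
"""

def parse(text):
    """Yield (time, event_id, account, workstation, code) per well-formed line."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 6 or parts[2] not in ("680", "529"):
            continue  # skip blank, truncated, or unrelated records
        try:
            when = datetime.strptime(parts[0] + " " + parts[1], "%Y-%m-%d %H:%M:%S")
            f = dict(p.split("=", 1) for p in parts[3:])
            rec = (when, int(parts[2]), f["acct"].lower(), f["ws"].upper(), f["code"])
        except (KeyError, ValueError):
            continue  # malformed timestamp or missing field
        yield rec

def bursts(text, window=timedelta(minutes=5), threshold=3):
    """Return account/workstation pairs with >= threshold failures inside window."""
    by_pair = defaultdict(list)
    for when, event_id, acct, ws, code in parse(text):
        by_pair[(acct, ws)].append((when, event_id, code))
    report = []
    for (acct, ws), events in sorted(by_pair.items()):
        events.sort()
        times = [e[0] for e in events]
        # largest number of failures in any window that starts at an event
        peak = max(sum(1 for t in times if s <= t < s + window) for s in times)
        if peak >= threshold:
            reasons = sorted({CODES.get(c, c) for _, _, c in events if c != "-"})
            report.append({"account": acct, "workstation": ws, "peak": peak, "reasons": reasons})
    return report
```

Calling `bursts(SAMPLE)` reports only the admin1/FILESRV1 pair, which points at the machine generating the failures rather than at the account itself.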

