Re: Event Warning 40961 LSASRV

Actually, scratch that... I was a bit optimistic in saying the warning events
have gone, they haven't. I'm still getting these 2 warnings together once per
hour.

Also, I stated (from memory without checking) that the DNS server is
listening only on one address, this is in fact untrue, they both listen on
all adapter addresses.

Also, the netlogon service is not running on either server, yet I'm still
getting warnings about authentication failure to the providers nameserver.

Also, after making the registry entry previously stated, DNS services were
restarted.

Where do I go from here? Perhaps the problem lies with the DNS publish
addresses? There is no "publishaddresses" registry key in ...\DNS\Parameters,
should there be (with only one NS A Record defined)?

I'm a bit twitchy about messing too much with the registry on production
servers, so further expert advice would be much appreciated :)

The Vogon


"The Vogon" wrote:

>
> Indeed both servers are multihomed... The primary DNS server having 4 IP
> addresses (DNS listening on one), but others used for SQL, mail etc... The
> secondary DNS server has 10 IP addresses, one for DNS listening and others
> for Web services etc. Both servers have only one physical NIC each. Their
> statically configured HOST A entries for machine name are as the DNS
> listening addresses.
>
> Since they're not DC's I've left NetLogon Service A registrations alone as
> they shouldn't exist or be relevant, and I've only added the following
> registry key to disable dynamic DNS updates
>
> HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
> DWORD DisableDynamicUpdate
> Value 1
>
> I've not seen the LSASRV warnings for over an hour now, so this would now
> seem to be resolved. Thanks very much for your help in this!
>
> As a footnote, would you anticipate any unwanted side effects due to me
> disabling these dynamic DNS updates?
>
> The Vogon :)
>
>
>
> "Todd J Heron" wrote:
>
> > Is the server multihomed? If so you must disable dynamic registration of
> > the extra NIC via registry modifications.
> >
> > How to enable or disable DNS updates in Windows 2000 and in Windows Server
> > 2003
> > http://support.microsoft.com/default.aspx?scid=kb;en-us;246804
> >
> > --
> > Todd J Heron, MCSE
> > Windows Server 2003/2000/NT; CCA
> > ----------------------------------------------------------------------------
> > This posting is provided "as is" with no warranties and confers no rights
> >
> >
> > "The Vogon" <TheVogon@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> > news:0A6FD650-0F6D-4939-BB1D-D94F8AC2E266@xxxxxxxxxxxxxxxx
> >
> > OK, thanks, that makes sense... unfortuantely however I'm still getting
> > event warnings as follows:
> > ----------------------------------------------------------------------------------
> > Event Type: Warning
> > Event Source: LSASRV
> > Event Category: SPNEGO (Negotiator)
> > Event ID: 40960
> > Date: 29.10.2005
> > Time: 23:12:48
> > User: N/A
> > Computer: DNS1
> > Description:
> > The Security System detected an authentication error for the server
> > DNS/ns.provider.net. The failure code from authentication protocol Kerberos
> > was "There are currently no logon servers available to service the logon
> > request.
> > (0xc000005e)".
> > ----------------------------------------------------------------------------------
> > Event Type: Warning
> > Event Source: LSASRV
> > Event Category: SPNEGO (Negotiator)
> > Event ID: 40961
> > Date: 29.10.2005
> > Time: 23:12:48
> > User: N/A
> > Computer: DNS1
> > Description:
> > The Security System could not establish a secured connection with the server
> > DNS/ns.provider.net. No authentication protocol was available.
> > ----------------------------------------------------------------------------------
> >
> > Note that these event warnings are occuring together at a frequency of
> > exactly one hour on both my primary and secondary DNS servers...
> >
> >
> >
.

Relevant Pages

  • Re: RPC is unavailable when try to transfer FSMO Roles
    ... prevent the public interface addresses from being registered in DNS. ... In the DNS management console, in the properties of the DNS server, ... Registry value: DnsAvoidRegisterRecords ... To stop registration of both NICs, add or alter this reg ...
    (microsoft.public.windows.server.active_directory)
  • Re: Is it safe to use a DHCP to assign the IP addresses to the servers
    ... Being a VPN Server and even simply running RRAS makes it multi-homed. ... Domain Controllers with the PDF Role are automatically Domain Master Browser. ... Multihomed DCs, DNS, RRAS servers. ... there are some registry changes to eliminate the registration of the external NIC. ...
    (microsoft.public.windows.server.networking)
  • Re: Multihomed DCs
    ... mean that the multihomed server is the member server. ... W2K3, with dual NICs that responds to domain traffic Vlan, ... It is hugely problematic due to the multiple interefaces and DNS ... there are some registry changes to eliminate the ...
    (microsoft.public.windows.server.networking)
  • Re: No Internet thru Dual Nics
    ... Windows 2000 Server fully patched. ... DNS server 192.168.254.1 ... I have uninstalled and reinstalled the NICs. ... there are some registry changes to eliminate the ...
    (microsoft.public.windows.server.networking)
  • Re: Global Catalog / Domain Controller loses connection to Exchang
    ... points to our DNS Server (file2k3) ... When there are multiple NICs, ... there are some registry changes to eliminate the ...
    (microsoft.public.windows.server.networking)