Re: Error binding to local domain
- From: Steve Larson <SteveLarson@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 17 Aug 2005 21:57:02 -0700
Hi Charles,
I will look into the update for the 40960 and 40961 issue. Thanks.
I tested some more based on your questions and this is what I found.
All testing was done entering a user name in the "Select, Users, Computers,
or Groups" dialog (when updating permissioned on a folder) and clicking on
"Check Names".
The Domain admin profile was deleted on the client, I logged in as the
domain admin on the client, after long wait-user not found. Roaming profiles
are used for most users but not the domain administrator. I have not renamed
the account.
I used a local admin account to login, authenticated as a non-admin domain
user, the name was resolved immediately.
I created a new user based on the administrator profile, I logged on as that
user on the client, the name is resolved in a few seconds.
I used a different user based on the admin profile that was created when the
domain was originally setup, I logged on as that user on the client, the name
is resolved after a long (maybe 15-20sec) wait.
I used the domain administrator account, logged in to the SBS (DC), The name
is resolved immediately.
I used the domain administrator account again, logged in to the client
machine, after long wait-user not found.
I see the same behavior if I login as a domain user or login as a local user
and then authenticate as the domain user.
Anything else to try?
Steve
""Charles Yang [MSFT]"" wrote:
> Hi Steve,
>
> Thanks for updates.
>
> After checking the warning 40960 and 40961, we found it did not relate to
> the previous issue. So we can solve it individually:
>
> 1. Does the issue only occur on the time when the server boot or occur on
> other time frequently.
> 2. This should be a client issue, please follow the steps below:
>
> 1. Please call our CSS to request the hot fix 885887:
>
> 885887 You cannot access network resources after you try to log on to a
> Windows (although it is for smart card, it can still resolve similar issues)
> http://support.microsoft.com/?id=885887
>
>
> Note: Although this hot fix is for the Windows XP with a Smart Card, it has
> resolved some similar issues without the Smart Card.
>
> For a complete list of Microsoft Product Support Services phone numbers and
> information about support costs, visit the following Microsoft Web site:
>
> http://support.microsoft.com/default.aspx?scid=fh;EN-US;CNTACTMS
>
> 3. Backup and then delete the user profile for the problematic user
> account, and then log on by using this account so that the OS will create a
> new user profile. Does the issue still exist?
>
> For the previous issue, I suggest you test if it only occur on built in
> domain AD, please also make sure if you rename the built in administrator
> or not. If you use other administrator account you create, does the issue
> exist or not?
>
> Currently I also make research on this things, in addition have you use my
> documents redirection or roaming profiles, if so you might have to delete
> this user's profiles on SBS server to see if the issue can be resolve,
> please perform a backup for that profiles then perform tests.
>
> Thanks for your understanding.
>
>
>
> Best regards,
>
> Charles Yang (MSFT)
>
> Microsoft CSS Online Newsgroup Support
>
> Get Secure! - www.microsoft.com/security
>
> ======================================================
> This newsgroup only focuses on SBS technical issues. If you have issues
> regarding other Microsoft products, you'd better post in the corresponding
> newsgroups so that they can be resolved in an efficient and timely manner.
> You can locate the newsgroup here:
> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>
> When opening a new thread via the web interface, we recommend you check the
> "Notify me of replies" box to receive e-mail notifications when there are
> any updates in your thread. When responding to posts via your newsreader,
> please "Reply to Group" so that others may learn and benefit from your
> issue.
>
> Microsoft engineers can only focus on one issue per thread. Although we
> provide other information for your reference, we recommend you post
> different incidents in different threads to keep the thread clean. In doing
> so, it will ensure your issues are resolved in a timely manner.
>
> For urgent issues, you may want to contact Microsoft CSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
> Any input or comments in this thread are highly appreciated.
> ======================================================
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> =====================================================
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
> --------------------
> | Thread-Topic: Error binding to local domain
> | thread-index: AcWiFA2EN5EdHNMTRh6gx6nFmVqu4w==
> | X-WBNR-Posting-Host: 65.164.216.122
> | From: =?Utf-8?B?U3RldmUgTGFyc29u?= <SteveLarson@xxxxxxxxxxxxxxxxxxxxxxxxx>
> | References: <2E7C8934-DBF1-47BE-9EA2-D2947D7C1799@xxxxxxxxxxxxx>
> <uLiBFqPoFHA.2920@xxxxxxxxxxxxxxxxxxxx>
> <464AB7A0-D39E-4FD3-821B-28EEA2EB4B59@xxxxxxxxxxxxx>
> <TkAnYbWoFHA.2700@xxxxxxxxxxxxxxxxxxxxx>
> <7B63646A-3A6F-491C-BD5B-7582FFB9C299@xxxxxxxxxxxxx>
> <Kz6pQjfoFHA.940@xxxxxxxxxxxxxxxxxxxxx>
> | Subject: Re: Error binding to local domain
> | Date: Mon, 15 Aug 2005 20:39:13 -0700
> | Lines: 321
> | Message-ID: <64996607-03AE-4537-A002-24ABF6EEBA21@xxxxxxxxxxxxx>
> | MIME-Version: 1.0
> | Content-Type: text/plain;
> | charset="Utf-8"
> | Content-Transfer-Encoding: 7bit
> | X-Newsreader: Microsoft CDO for Windows 2000
> | Content-Class: urn:content-classes:message
> | Importance: normal
> | Priority: normal
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
> | Newsgroups: microsoft.public.windows.server.sbs
> | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
> | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl
> | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:144709
> | X-Tomcat-NG: microsoft.public.windows.server.sbs
> |
> | Hi Charles,
> |
> | I still have problems resolving user names as domain administrator after
> | changing the domain administrator's password as recommended. I also see
> two
> | warnings in the system event log that may help (did not pay much
> attention to
> | them before :>( ). The events are:
> |
> | The Security System detected an attempted downgrade attack for server
> | ldap/dc1.MyDomain.local/MyDomain.local@xxxxxxxxxxxxxxx The failure code
> from
> | authentication protocol Kerberos was "There are currently no logon
> servers
> | available to service the logon request.
> | (0xc000005e)". Source:LSASRV, Category:SPNEGO (Negotiator),
> EventID:40960
> |
> | The Security System could not establish a secured connection with the
> server
> | ldap/dc1.MyDomain.local/MyDomain.local@xxxxxxxxxxxxxxx No authentication
> | protocol was available. Source:LSASRV, Category:SPNEGO (Negotiator),
> | EventID:40961
> |
> | Steve
> | ""Charles Yang [MSFT]"" wrote:
> |
> | > Hi Steve,
> | >
> | > Thanks for updates.
> | >
> | > I will be here waiting for your updates. Thanks for your effort.
> | >
> | >
> | >
> | > Best regards,
> | >
> | > Charles Yang (MSFT)
> | >
> | > Microsoft CSS Online Newsgroup Support
> | >
> | > Get Secure! - www.microsoft.com/security
> | >
> | > ======================================================
> | > This newsgroup only focuses on SBS technical issues. If you have issues
> | > regarding other Microsoft products, you'd better post in the
> corresponding
> | > newsgroups so that they can be resolved in an efficient and timely
> manner.
> | > You can locate the newsgroup here:
> | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
> | >
> | > When opening a new thread via the web interface, we recommend you check
> the
> | > "Notify me of replies" box to receive e-mail notifications when there
> are
> | > any updates in your thread. When responding to posts via your
> newsreader,
> | > please "Reply to Group" so that others may learn and benefit from your
> | > issue.
> | >
> | > Microsoft engineers can only focus on one issue per thread. Although we
> | > provide other information for your reference, we recommend you post
> | > different incidents in different threads to keep the thread clean. In
> doing
> | > so, it will ensure your issues are resolved in a timely manner.
> | >
> | > For urgent issues, you may want to contact Microsoft CSS directly.
> Please
> | > check http://support.microsoft.com for regional support phone numbers.
> | >
> | > Any input or comments in this thread are highly appreciated.
> | > ======================================================
> | > This posting is provided "AS IS" with no warranties, and confers no
> rights.
> | >
> | >
> | > =====================================================
> | > When responding to posts, please "Reply to Group" via your newsreader
> so
> | > that others may learn and benefit from your issue.
> | > =====================================================
> | >
> | > This posting is provided "AS IS" with no warranties, and confers no
> rights.
> | >
> | > --------------------
> | > | Thread-Topic: Error binding to local domain
> | > | thread-index: AcWhlpqkCG/7gRR1R8WjUmV1ItxHTQ==
> | > | X-WBNR-Posting-Host: 65.164.216.122
> | > | From: =?Utf-8?B?U3RldmUgTGFyc29u?=
> <SteveLarson@xxxxxxxxxxxxxxxxxxxxxxxxx>
> | > | References: <2E7C8934-DBF1-47BE-9EA2-D2947D7C1799@xxxxxxxxxxxxx>
> | > <uLiBFqPoFHA.2920@xxxxxxxxxxxxxxxxxxxx>
> | > <464AB7A0-D39E-4FD3-821B-28EEA2EB4B59@xxxxxxxxxxxxx>
> | > <TkAnYbWoFHA.2700@xxxxxxxxxxxxxxxxxxxxx>
> | > | Subject: Re: Error binding to local domain
> | > | Date: Mon, 15 Aug 2005 05:41:07 -0700
> | > | Lines: 308
> | > | Message-ID: <7B63646A-3A6F-491C-BD5B-7582FFB9C299@xxxxxxxxxxxxx>
> | > | MIME-Version: 1.0
> | > | Content-Type: text/plain;
> | > | charset="Utf-8"
> | > | Content-Transfer-Encoding: 7bit
> | > | X-Newsreader: Microsoft CDO for Windows 2000
> | > | Content-Class: urn:content-classes:message
> | > | Importance: normal
> | > | Priority: normal
> | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
> | > | Newsgroups: microsoft.public.windows.server.sbs
> | > | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
> | > | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
> | > | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:144427
> | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
> | > |
> | > | Charles,
> | > | Thanks for the response. The problem is on all machines. I will try
> the
> | > | number 2 solution and report back. I tried number 3 before I posted
> the
> | > | question.
> | > |
> | > | Steve
> | > | ""Charles Yang [MSFT]"" wrote:
> | > |
> | > | > Hi Steve,
> | > | >
> | > | > Welcome to SBS newsgroup.
> | > | >
> | > | > Issue description:
> | > | >
> | > | > ===========
> | > | >
> | > | > I understand that you encountered 1006 and 1030 error.
> | > | >
> | > | > Analyzing and suggestions:
> | > | >
> | > | > ============
> | > | >
> | > | > Generally speaking, this issue might be relate to AD configuration
> on
> | > SBS
> | > | > domain, please perform tests below:
> | > | >
> | > | > 1. If this user log on to a DIFFERENT computer, can the problem be
> | > | > reproduced? If not, the problem is most likely related to the user
> | > profile
> | > | > on the ''problematic'' computer. I suggest that you delete the
> profile
> | > on
> | > | > that computer and try to log on to it again. (That means delete the
> | > Domain
> | > | > administrator's profiles on that workstation then logon the
> workstation
> | > | > with Administrator profiles again to see if the issue can be
> resolved.
> | > | >
> | > | > 2. If the problem can be reproduced on all the client computers,
> most
> | > | > likely this user's AD account is corrupted. I would suggest that we
> | > first
> | > | > reset the password for this user in dsa.msc and check if the
> problem is
> | > | > resolved.
> | > | > 3. Please also remove and rejoin this client computer to the domain
> to
> | > see
> | > | > if this issue can be resolved.
> | > | >
> | > | > Thanks for all your efforts, I will be here waiting for your
> updates,
> | > | > please perform my suggestions and paste any progress to newsgroup.
> | > | >
> | > | >
> | > | >
> | > | > Best regards,
> | > | >
> | > | > Charles Yang (MSFT)
> | > | >
> | > | > Microsoft CSS Online Newsgroup Support
> | > | >
> | > | > Get Secure! - www.microsoft.com/security
> | > | >
> | > | > ======================================================
> | > | > This newsgroup only focuses on SBS technical issues. If you have
.
- Follow-Ups:
- Re: Error binding to local domain
- From: Steve Larson
- Re: Error binding to local domain
- References:
- Error binding to local domain
- From: Steve Larson
- Re: Error binding to local domain
- From: Lanwench [MVP - Exchange]
- Re: Error binding to local domain
- From: Steve Larson
- Re: Error binding to local domain
- From: "Charles Yang [MSFT]"
- Re: Error binding to local domain
- From: Steve Larson
- Re: Error binding to local domain
- From: "Charles Yang [MSFT]"
- Re: Error binding to local domain
- From: Steve Larson
- Re: Error binding to local domain
- From: "Charles Yang [MSFT]"
- Error binding to local domain
- Prev by Date: RE: List of ports that are in use
- Next by Date: RE: CEICW hangs at Exchange - Please help... tried everything
- Previous by thread: Re: Error binding to local domain
- Next by thread: Re: Error binding to local domain
- Index(es):
Relevant Pages
|
