Re: Error binding to local domain
- From: v-chayan@xxxxxxxxxxxxxxxxxxxx ("Charles Yang [MSFT]")
- Date: Thu, 18 Aug 2005 06:25:06 GMT
HI Steve,
Thanks for your updates here.
>From your description, I found this only occur on a client computer when
you logon with domain administrator. So let us focus on two things.
1. I know you have disjoin and rejoin the problematic client to the domain.
But this only occurs on the one user and one client computer. so the issue
should relate with that user's profiles, you means you did not configure
roaming profiles for this user only, please make sure that you have deleted
all the domain admin profiles on the workstation. Could you also tell us if
you have enabled "folder redirection" on SBS domain?
2. Please also try to repeat the same things, when you locate user, please
use "Advance option" and click "find now" to see if you can find the domain
AD in the list.
3. As you referred, does it occur on a special client computer or on all
client computer, as you only test on one of the client computer.
4. On the SBS server, click Start, point to Administrative Tools and click
DNS. Expand your server | Forward Lookup Zones | your zone, right-click
your zone and click Properties. On the General tab, set Dynamic updates to
"Nonsecure and secure". Disjoin and rejoin the Windows XP client, does the
issue still occur? It is not necessary to manually configure network
settings on Windows 2000 or Windows XP clients,It is recommended to add
users by running the Add User wizard in Server Management, and instruct
users to join domain by using the http://servername/connectcomputer web
site.
5. Please also try the steps below to clear the cache credential to see if
you still encounterd the same issue. Please make sure that the domain AD
could be located any network resouces which require domain account from
that client computer.
A. Open Group Policy on your laptop, go to:
B. Computer Configuration>Windows Settings>Security Settings>Local
Policies>Security Options.
C. Double click on "Interactive logon: Number of previous logons to cache
(in case domain controller is not available)", change the cache to 0
logons. Click OK.
D. Reboot and logon again.
We apprecaite your time to perform tests, if this issue is so urgent, we
suggest you call our CSS for assistnace, for it might need a little long
time for troubleshooting this complex issue.
Best regards,
Charles Yang (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: Error binding to local domain
| thread-index: AcWjsmTO1H6ac/0aTmOHHTPzomM5xA==
| X-WBNR-Posting-Host: 65.164.216.122
| From: =?Utf-8?B?U3RldmUgTGFyc29u?= <SteveLarson@xxxxxxxxxxxxxxxxxxxxxxxxx>
| References: <2E7C8934-DBF1-47BE-9EA2-D2947D7C1799@xxxxxxxxxxxxx>
<uLiBFqPoFHA.2920@xxxxxxxxxxxxxxxxxxxx>
<464AB7A0-D39E-4FD3-821B-28EEA2EB4B59@xxxxxxxxxxxxx>
<TkAnYbWoFHA.2700@xxxxxxxxxxxxxxxxxxxxx>
<7B63646A-3A6F-491C-BD5B-7582FFB9C299@xxxxxxxxxxxxx>
<Kz6pQjfoFHA.940@xxxxxxxxxxxxxxxxxxxxx>
<64996607-03AE-4537-A002-24ABF6EEBA21@xxxxxxxxxxxxx>
<SBUfNkioFHA.588@xxxxxxxxxxxxxxxxxxxxx>
<83ADBEA0-CE63-47FC-ACCC-533EF2E48ED9@xxxxxxxxxxxxx>
| Subject: Re: Error binding to local domain
| Date: Wed, 17 Aug 2005 22:05:04 -0700
| Lines: 305
| Message-ID: <D3CA9D7D-5092-491C-946F-65EDF5C91C1E@xxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGXA03.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:145415
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Also, Outlook is able to resolve the mailbox name for the domin admin
when
| setting up the connection to the Exchange mailbox.
| Steve
| "Steve Larson" wrote:
|
| > Hi Charles,
| >
| > I will look into the update for the 40960 and 40961 issue. Thanks.
| >
| > I tested some more based on your questions and this is what I found.
| > All testing was done entering a user name in the "Select, Users,
Computers,
| > or Groups" dialog (when updating permissioned on a folder) and clicking
on
| > "Check Names".
| > The Domain admin profile was deleted on the client, I logged in as the
| > domain admin on the client, after long wait-user not found. Roaming
profiles
| > are used for most users but not the domain administrator. I have not
renamed
| > the account.
| > I used a local admin account to login, authenticated as a non-admin
domain
| > user, the name was resolved immediately.
| > I created a new user based on the administrator profile, I logged on as
that
| > user on the client, the name is resolved in a few seconds.
| > I used a different user based on the admin profile that was created
when the
| > domain was originally setup, I logged on as that user on the client,
the name
| > is resolved after a long (maybe 15-20sec) wait.
| > I used the domain administrator account, logged in to the SBS (DC), The
name
| > is resolved immediately.
| > I used the domain administrator account again, logged in to the client
| > machine, after long wait-user not found.
| > I see the same behavior if I login as a domain user or login as a local
user
| > and then authenticate as the domain user.
| >
| > Anything else to try?
| >
| > Steve
| > ""Charles Yang [MSFT]"" wrote:
| >
| > > Hi Steve,
| > >
| > > Thanks for updates.
| > >
| > > After checking the warning 40960 and 40961, we found it did not
relate to
| > > the previous issue. So we can solve it individually:
| > >
| > > 1. Does the issue only occur on the time when the server boot or
occur on
| > > other time frequently.
| > > 2. This should be a client issue, please follow the steps below:
| > >
| > > 1. Please call our CSS to request the hot fix 885887:
| > >
| > > 885887 You cannot access network resources after you try to log on to
a
| > > Windows (although it is for smart card, it can still resolve similar
issues)
| > > http://support.microsoft.com/?id=885887
| > >
| > >
| > > Note: Although this hot fix is for the Windows XP with a Smart Card,
it has
| > > resolved some similar issues without the Smart Card.
| > >
| > > For a complete list of Microsoft Product Support Services phone
numbers and
| > > information about support costs, visit the following Microsoft Web
site:
| > >
| > > http://support.microsoft.com/default.aspx?scid=fh;EN-US;CNTACTMS
| > >
| > > 3. Backup and then delete the user profile for the problematic user
| > > account, and then log on by using this account so that the OS will
create a
| > > new user profile. Does the issue still exist?
| > >
| > > For the previous issue, I suggest you test if it only occur on built
in
| > > domain AD, please also make sure if you rename the built in
administrator
| > > or not. If you use other administrator account you create, does the
issue
| > > exist or not?
| > >
| > > Currently I also make research on this things, in addition have you
use my
| > > documents redirection or roaming profiles, if so you might have to
delete
| > > this user's profiles on SBS server to see if the issue can be
resolve,
| > > please perform a backup for that profiles then perform tests.
| > >
| > > Thanks for your understanding.
| > >
| > >
| > >
| > > Best regards,
| > >
| > > Charles Yang (MSFT)
| > >
| > > Microsoft CSS Online Newsgroup Support
| > >
| > > Get Secure! - www.microsoft.com/security
| > >
| > > ======================================================
| > > This newsgroup only focuses on SBS technical issues. If you have
issues
| > > regarding other Microsoft products, you'd better post in the
corresponding
| > > newsgroups so that they can be resolved in an efficient and timely
manner.
| > > You can locate the newsgroup here:
| > > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| > >
| > > When opening a new thread via the web interface, we recommend you
check the
| > > "Notify me of replies" box to receive e-mail notifications when there
are
| > > any updates in your thread. When responding to posts via your
newsreader,
| > > please "Reply to Group" so that others may learn and benefit from
your
| > > issue.
| > >
| > > Microsoft engineers can only focus on one issue per thread. Although
we
| > > provide other information for your reference, we recommend you post
| > > different incidents in different threads to keep the thread clean. In
doing
| > > so, it will ensure your issues are resolved in a timely manner.
| > >
| > > For urgent issues, you may want to contact Microsoft CSS directly.
Please
| > > check http://support.microsoft.com for regional support phone numbers.
| > >
| > > Any input or comments in this thread are highly appreciated.
| > > ======================================================
| > > This posting is provided "AS IS" with no warranties, and confers no
rights.
| > >
| > >
| > > =====================================================
| > > When responding to posts, please "Reply to Group" via your newsreader
so
| > > that others may learn and benefit from your issue.
| > > =====================================================
| > >
| > > This posting is provided "AS IS" with no warranties, and confers no
rights.
| > >
| > > --------------------
| > > | Thread-Topic: Error binding to local domain
| > > | thread-index: AcWiFA2EN5EdHNMTRh6gx6nFmVqu4w==
| > > | X-WBNR-Posting-Host: 65.164.216.122
| > > | From: =?Utf-8?B?U3RldmUgTGFyc29u?=
<SteveLarson@xxxxxxxxxxxxxxxxxxxxxxxxx>
| > > | References: <2E7C8934-DBF1-47BE-9EA2-D2947D7C1799@xxxxxxxxxxxxx>
| > > <uLiBFqPoFHA.2920@xxxxxxxxxxxxxxxxxxxx>
| > > <464AB7A0-D39E-4FD3-821B-28EEA2EB4B59@xxxxxxxxxxxxx>
| > > <TkAnYbWoFHA.2700@xxxxxxxxxxxxxxxxxxxxx>
| > > <7B63646A-3A6F-491C-BD5B-7582FFB9C299@xxxxxxxxxxxxx>
| > > <Kz6pQjfoFHA.940@xxxxxxxxxxxxxxxxxxxxx>
| > > | Subject: Re: Error binding to local domain
| > > | Date: Mon, 15 Aug 2005 20:39:13 -0700
| > > | Lines: 321
| > > | Message-ID: <64996607-03AE-4537-A002-24ABF6EEBA21@xxxxxxxxxxxxx>
| > > | MIME-Version: 1.0
| > > | Content-Type: text/plain;
| > > | charset="Utf-8"
| > > | Content-Transfer-Encoding: 7bit
| > > | X-Newsreader: Microsoft CDO for Windows 2000
| > > | Content-Class: urn:content-classes:message
| > > | Importance: normal
| > > | Priority: normal
| > > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| > > | Newsgroups: microsoft.public.windows.server.sbs
| > > | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| > > | Path:
TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl
| > > | Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.windows.server.sbs:144709
| > > | X-Tomcat-NG: microsoft.public.windows.server.sbs
| > > |
| > > | Hi Charles,
| > > |
| > > | I still have problems resolving user names as domain administrator
after
| > > | changing the domain administrator's password as recommended. I
also see
| > > two
| > > | warnings in the system event log that may help (did not pay much
| > > attention to
| > > | them before :>( ). The events are:
| > > |
| > > | The Security System detected an attempted downgrade attack for
server
| > > | ldap/dc1.MyDomain.local/MyDomain.local@xxxxxxxxxxxxxxx The failure
code
| > > from
| > > | authentication protocol Kerberos was "There are currently no logon
| > > servers
| > > | available to service the logon request.
| > > | (0xc000005e)". Source:LSASRV, Category:SPNEGO (Negotiator),
| > > EventID:40960
| > > |
| > > | The Security System could not establish a secured connection with
the
| > > server
| > > | ldap/dc1.MyDomain.local/MyDomain.local@xxxxxxxxxxxxxxx No
authentication
| > > | protocol was available. Source:LSASRV, Category:SPNEGO
(Negotiator),
| > > | EventID:40961
| > > |
| > > | Steve
| > > | ""Charles Yang [MSFT]"" wrote:
| > > |
| > > | > Hi Steve,
| > > | >
| > > | > Thanks for updates.
| > > | >
| > > | > I will be here waiting for your updates. Thanks for your effort.
| > > | >
| > > | >
| > > | >
| > > | > Best regards,
| > > | >
| > > | > Charles Yang (MSFT)
| > > | >
| > > | > Microsoft CSS Online Newsgroup Support
| > > | >
| > > | > Get Secure! - www.microsoft.com/security
| > > | >
| > > | > ======================================================
| > > | > This newsgroup only focuses on SBS technical issues. If you have
issues
| > > | > regarding other Microsoft products, you'd better post in the
| > > corresponding
| > > | > newsgroups so that they can be resolved in an efficient and
timely
| > > manner.
| > > | > You can locate the newsgroup here:
| > > | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
| > > | >
| > > | > When opening a new thread via the web interface, we recommend you
check
| > > the
| > > | > "Notify me of replies" box to receive e-mail notifications when
there
| > > are
| > > | > any updates in your thread. When responding to posts via your
| > > newsreader,
| > > | > please "Reply to Group" so that others may learn and benefit from
your
| > > | > issue.
| > > | >
| > > | > Microsoft engineers can only focus on one issue per thread.
Although we
| > > | > provide other information for your reference, we recommend you
post
| > > | > different incidents in different threads to keep the thread
clean. In
| > > doing
| > > | > so, it will ensure your issues are resolved in a timely manner.
| > > | >
| > > | > For urgent issues, you may want to contact Microsoft CSS
directly.
| > > Please
| > > | > check http://support.microsoft.com for regional support phone
numbers.
| > > | >
| > > | > Any input or comments in this thread are highly appreciated.
| > > | > ======================================================
| > > | > This posting is provided "AS IS" with no warranties, and confers
no
| > > rights.
| > > | >
| > > | >
| > > | > =====================================================
| > > | > When responding to posts, please "Reply to Group" via your
newsreader
| > > so
| > > | > that others may learn and benefit from your issue.
| > > | > =====================================================
| > > | >
| > > | > This posting is provided "AS IS" with no warranties, and confers
no
| > > rights.
| > > | >
| > > | > --------------------
| > > | > | Thread-Topic: Error binding to local domain
| > > | > | thread-index: AcWhlpqkCG/7gRR1R8WjUmV1ItxHTQ==
| > > | > | X-WBNR-Posting-Host: 65.164.216.122
| > > | > | From: =?Utf-8?B?U3RldmUgTGFyc29u?=
| > > <SteveLarson@xxxxxxxxxxxxxxxxxxxxxxxxx>
| > > | > | References:
<2E7C8934-DBF1-47BE-9EA2-D2947D7C1799@xxxxxxxxxxxxx>
| > > | > <uLiBFqPoFHA.2920@xxxxxxxxxxxxxxxxxxxx>
| > > | > <464AB7A0-D39E-4FD3-821B-28EEA2EB4B59@xxxxxxxxxxxxx>
| > > | > <TkAnYbWoFHA.2700@xxxxxxxxxxxxxxxxxxxxx>
| > > | > | Subject: Re: Error binding to local domain
| > > | > | Date: Mon, 15 Aug 2005 05:41:07 -0700
| > > | > | Lines: 308
| > > | > | Message-ID: <7B63646A-3A6F-491C-BD5B-7582FFB9C299@xxxxxxxxxxxxx>
| > > | > | MIME-Version: 1.0
| > > | > | Content-Type: text/plain;
| > > | > | charset="Utf-8"
| > > | > | Content-Transfer-Encoding: 7bit
| > > | > | X-Newsreader: Microsoft CDO for Windows 2000
| > > | > | Content-Class: urn:content-classes:message
| > > | > | Importance: normal
| > > | > | Priority: normal
| > > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| > > | > | Newsgroups: microsoft.public.windows.server.sbs
| > > | > | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| > > | > | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
| > > | > | Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.windows.server.sbs:144427
| > > | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
| > > | > |
| > > | > | Charles,
| > > | > | Thanks for the response. The problem is on all machines. I
will try
| > > the
| > > | > | number 2 solution and report back. I tried number 3 before I
posted
| > > the
| > > | > | question.
| > > | > |
| > > | > | Steve
| > > | > | ""Charles Yang [MSFT]"" wrote:
| > > | > |
| > > | > | > Hi Steve,
| > > | > | >
| > > | > | > Welcome to SBS newsgroup.
| > > | > | >
| > > | > | > Issue description:
| > > | > | >
| > > | > | > ===========
| > > | > | >
| > > | > | > I understand that you encountered 1006 and 1030 error.
| > > | > | >
| > > | > | > Analyzing and suggestions:
| > > | > | >
| > > | > | > ============
| > > | > | >
| > > | > | > Generally speaking, this issue might be relate to AD
configuration
| > > on
| > > | > SBS
| > > | > | > domain, please perform tests below:
| > > | > | >
| > > | > | > 1. If this user log on to a DIFFERENT computer, can the
problem be
| > > | > | > reproduced? If not, the problem is most likely related to the
user
| > > | > profile
| > > | > | > on the ''problematic'' computer. I suggest that you delete
the
| > > profile
| > > | > on
| > > | > | > that computer and try to log on to it again. (That means
delete the
| > > | > Domain
| > > | > | > administrator's profiles on that workstation then logon the
| > > workstation
|
.
- Follow-Ups:
- Re: Error binding to local domain
- From: Steve Larson
- Re: Error binding to local domain
- References:
- Error binding to local domain
- From: Steve Larson
- Re: Error binding to local domain
- From: Lanwench [MVP - Exchange]
- Re: Error binding to local domain
- From: Steve Larson
- Re: Error binding to local domain
- From: "Charles Yang [MSFT]"
- Re: Error binding to local domain
- From: Steve Larson
- Re: Error binding to local domain
- From: "Charles Yang [MSFT]"
- Re: Error binding to local domain
- From: Steve Larson
- Re: Error binding to local domain
- From: "Charles Yang [MSFT]"
- Re: Error binding to local domain
- From: Steve Larson
- Re: Error binding to local domain
- From: Steve Larson
- Error binding to local domain
- Prev by Date: SBS 2003 Back to eject tape
- Next by Date: RE: Cannot install Webpart
- Previous by thread: Re: Error binding to local domain
- Next by thread: Re: Error binding to local domain
- Index(es):
Relevant Pages
|
