Help .. Small Business Server Error may be DNS ?



Hi Everyone & Merry Christmas..

Can anyone help me put this problem to bed before
I start the holiday season.

I have a 2k3 SBS standard server (server1) and 10 clients.
DHCP, DNS, AD, Exchange all seem cool... But

In the error logs the domain server is failing Kerberos authentication.

Here is a copy of the security error:

Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date: 20/12/2005
Time: 09:57:40
User: NT AUTHORITY\SYSTEM
Computer: SERVER1
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: SERVER1$
Domain: xxxxxxxxx
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: SERVER1
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: -
Source Port: -


For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


This happens every 20 mins. There is also a double entry in
the system log that points to the above error.

See attached:

Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40960
Date: 20/12/2005
Time: 09:58:58
User: N/A
Computer: SERVER1
Description:
The Security System detected an authentication error for the server
DNS/server1.xxxxxxxx.local. The failure code from authentication protocol
Kerberos was
"The attempted logon is invalid. This is either due to a bad username or
authentication information.
(0xc000006d)".

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 6d 00 00 c0 m..À

And the second entry:


Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40961
Date: 20/12/2005
Time: 09:58:58
User: N/A
Computer: SERVER1
Description:
The Security System could not establish a secured connection with the server
DNS/server1.xxxxxx.local. No authentication protocol was available.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 6d 00 00 c0 m..À


I have been on all the tech sites following the Event IDs and have not
resolved it. I may be missing the fix because I have been looking so long...

Is this a DNS error? There are no event IDs in the DNS logs.

Any help as to the logon error would be great as the event logs are filling
fast.

Iain.