Re: Can't logon 2003 SBS domain
- From: "SuperGumby [SBS MVP]" <not@xxxxxxxxxxx>
- Date: Thu, 12 Feb 2009 07:41:38 +1100
Though 'odd' the range is valid, in classless addressing. Got any old routers/switches involved? Though newer devices handle classless addressing properly I have had older devices spit the dummy (originally hit this when SBS 4 used 10.whatever/24, but that was back when classful addressing was expected and SBS Dev had this wacky idea they knew better).
The purpose of your tracert has me confused. chicagotech.net [69.89.25.174] appears to be a web hosting provider, and yes, your server can ping it. I would expect you to be accessing these servers by their local IP or name (server.chicagotech.local) if connected by VPN.
Special offer for a fellow MVP, mail me. mickm at mickmalloy dot dyndns dot org. I seem to remember some notes you had about something that I found helpful, maybe I can return the favour.
"Robert L. (MS-MVP)" <findemail@xxxxxxxxxxxxxxx> wrote in message news:ejTLCsGjJHA.5244@xxxxxxxxxxxxxxxxxxxxxxx
Cris,
This is my client and I haven't been in their office. I provide remote support only.
1. I think they may have IBMX40.
2. Each of those TS also run Virtual server for some applications.
3. One of TS runs SharePoint. We can access SharePoint but it is very slow and it may stop because it is too slow.
4. Any thing relates to domain is slow. For example, netdiag takes 5 minutes to get the results; network mapping take long to map. However, if I RDC from one computer to other logon using local username, it works normal (I mean the speed).
5. I have seen a slow issue like this one. Restarting the router/switch fixes. I can't do power off since I am in the remote site. I did restarted the router and switch.
Thank you.
--
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"Cris Hanna [SBS - MVP]" <crisnospamhanna@xxxxxxxxxxxxxxxxxxxxx> wrote in message news:umoZOaGjJHA.824@xxxxxxxxxxxxxxxxxxxxxxx
So your SBS server has only one NIC?
Very interesting (meaning "odd") selection for IP scheme.
Is there another system involved here?
-- Cris Hanna [SBS - MVP]
Co-Author, Windows Small Business Server 2008 Unleashed
http://www.amazon.com/Windows-Small-Business-Server-Unleashed/dp/0672329573/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1217269967&sr=8-1
Owner, CPU Services, Belleville, IL
A Microsoft Registered Partner
------------------------------------
MVPs do not work for Microsoft
Please do not submit questions directly to me.
"Robert L. (MS-MVP)" <findemail@xxxxxxxxxxxxxxx> wrote in message news:udAQsTGjJHA.5496@xxxxxxxxxxxxxxxxxxxxxxx
More information. Here are the results of ipconfig /all and tracert.
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
H:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : SBS
Primary Dns Suffix . . . . . . . : chicagotech.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : chicagotech.local
PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.88.78.116
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-0E-0C-3E-B2-7E
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.88.78.220
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.88.78.1
DNS Servers . . . . . . . . . . . : 10.88.78.220
Primary WINS Server . . . . . . . : 10.88.78.220
H:\>tracert chicagotech.net
Tracing route to chicagotech.net [69.89.25.174]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms 10.88.78.1
2 30 ms 5 ms 7 ms c-3-0-ubr01.maynard.ma.boston.comcast.net [73.17
1.192.1]
3 5 ms 8 ms 6 ms ge-2-3-ur01.londonderry.nh.boston.comcast.net [6
8.86.227.225]
4 8 ms 7 ms 7 ms te-9-2-ar01.needham.ma.boston.comcast.net [68.87
.146.194]
5 10 ms 11 ms 10 ms 68.85.162.70
6 14 ms 13 ms 14 ms pos-1-6-0-0-cr01.newyork.ny.ibone.comcast.net [6
8.86.90.61]
7 13 ms 14 ms 14 ms te2-6.mpd01.jfk05.atlas.cogentco.com [154.54.12.
205]
8 15 ms 13 ms 14 ms te8-4.ccr01.jfk02.atlas.cogentco.com [154.54.5.2
09]
9 22 ms * * te2-4.mpd01.bos01.atlas.cogentco.com [154.54.5.2
49]
10 40 ms 41 ms 42 ms te2-2.mpd01.ord01.atlas.cogentco.com [154.54.6.1
8]
11 52 ms 51 ms 52 ms te9-8.mpd01.mci01.atlas.cogentco.com [154.54.7.1
38]
12 62 ms 64 ms 64 ms te4-4.mpd01.den01.atlas.cogentco.com [154.54.24.
81]
13 101 ms 101 ms 101 ms te4-2.ccr01.slc01.atlas.cogentco.com [154.54.0.4
2]
14 102 ms 103 ms 102 ms vl3504.na31.b020767-1.slc01.atlas.cogentco.com [
38.20.34.178]
15 103 ms 104 ms 103 ms 38.104.174.30
16 103 ms 104 ms 103 ms box174.bluehost.com [69.89.25.174]
Trace complete.
-- Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
"Robert L. (MS-MVP)" <findemail@xxxxxxxxxxxxxxx> wrote in message news:uck1NgFjJHA.500@xxxxxxxxxxxxxxxxxxxxxxx
I have posted this question in the Internet and opened a case with Microsoft, but can't fix it.
We have a Windows 2003 SBS and other two Terminal servers. No one can't logon the TS using RDC over the Internet or over VPN (we can establish the VPN). When we try, we will receive this error: "The system cannot log you on due to the following error: Access is denied".
However, we can logon the TS using local computer username. We can also logon the SBS using domain account. But no computer including SBS can access the Internet (I think it is the related issue) so that I can't install any update.
What we have done:
1. Rebooted all servers.
2. Rebooted all hardware such as router and switch.
3. Run netdiag and dcdiag. No errors.
4. nslookup doesn't show any errors and we can ping any web sites.
5. We have tried clean boot.
6. We have run CEICW
7. The TS have the following Event ID
Event ID: 1219 - Logon rejected for chicagotech\BobLin. Unable to obtain Terminal Server User Configuration. Error: Access is denied.
Event ID: 40960 - The Security System detected an authentication error for the server LDAP/domainname. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
(0xc000005e)".
What could be the problem?
-- Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
.
- Follow-Ups:
- Re: Can't logon 2003 SBS domain
- From: Robert L. \(MS-MVP\)
- Re: Can't logon 2003 SBS domain
- References:
- Can't logon 2003 SBS domain
- From: Robert L. \(MS-MVP\)
- Re: Can't logon 2003 SBS domain
- From: Robert L. \(MS-MVP\)
- Re: Can't logon 2003 SBS domain
- From: Cris Hanna [SBS - MVP]
- Re: Can't logon 2003 SBS domain
- From: Robert L. \(MS-MVP\)
- Can't logon 2003 SBS domain
- Prev by Date: Integrating a SBS server into current Win2003 domain
- Next by Date: SBS in Win2003 Network
- Previous by thread: Re: Can't logon 2003 SBS domain
- Next by thread: Re: Can't logon 2003 SBS domain
- Index(es):
Relevant Pages
|
