Re: server to server connection
From: Mike (anonymous_at_discussions.microsoft.com)
Date: 01/26/04
- Next message: Rick Duffin: "Manually adding to SUS updates"
- Previous message: Steve Lundy: "Permissions on Home Directories"
- In reply to: Steven Umbach: "Re: server to server connection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 26 Jan 2004 07:29:29 -0800
Thanks.
I took a chance with one of the test servers and removed
it from the domain by putting it in a workgroup, rebooting
it and then rejoining the domain followed by another
reboot. Thankfully this worked & the machine is now
visible to the domain again. I've tried this on one of the
SQL servers & it's fixed that as well.
For the moment the problem is sorted but I am still
concerned over how/why it occurred in the first place.
Mike.
>-----Original Message-----
>You checked the time correctly. Did netdiag run OK with
no failed tests?? The
>usual suspects in security options are digitally sign
communications if it is
>required for client/server always and the other computer
is not configured to
>comply by having the appropriate setting enabled such as
when possible. You
>mentioned a laptop could not join the domain. I still
think it could be a dns
>issue somewhere. If the clients appear to have dns
configured properly, you may
>also want to check the domain controller they are
configured to use by looking
>in it's Event Viewer for pertinent messages and running
dcdiag on it looking for
>failed tests. --- Steve
>
>"Mike" <anonymous@discussions.microsoft.com> wrote in
message
>news:393a01c3e36f$02bf1ca0$a301280a@phx.gbl...
>>
>> When you say 'make suer the time is in synch' what are
you
>> referring to ? The main AD machine is set to synch to
>> itself, all other machine have this set as the clock.
If i
>> look at the date/time/timezone on the two machines they
>> are exactly the same - is there anything else to look
at ?
>>
>> Also, what security options should i look at - I've
looked
>> at most of them time but I might have missed something
>> obvious !
>>
>> Thanks
>>
>> Mike.
>>
>> >-----Original Message-----
>> >I don't know the exact cause but first make sure the
time
>> is in synch with the
>> >domain and in the correct time zone. Kerberos only
allows
>> a five minute time
>> >skew. It may also be a dns issue. Make sure it is
>> configured to use only AD
>> >domain controllers as it's dns preferred dns server and
>> use ping and nslookup to
>> >verify connectivity to the dns server and that it can
>> resolve dns names. I would
>> >also run netdiag on the server looking for any failed
>> tests that may help
>> >pinpoint the problem. Also find out if anyone
>> reconfigured any security options,
>> >software firewall, or ipsec policies on that server
>> which may be causing a
>> >problem. -- Steve
>> >
>> >http://support.microsoft.com/default.aspx?scid=kb%3Ben-
us%
>> 3B321708
>> >http://support.microsoft.com/default.aspx?scid=kb%3Ben-
us%
>> 3B216393
>> >
>> >"Mike" <anonymous@discussions.microsoft.com> wrote in
>> message
>> >news:3b6c01c3e2bd$95000a50$a501280a@phx.gbl...
>> >>
>> >> Can anyone assist with the error shown below ?
>> >>
>> >> One of the member servers connected to the domain for
>> the
>> >> last 3 months but this weeks stopped connecting. I
can
>> >> logon locally to the server but can't logon to it
with
>> as
>> >> a domain user nor can it create a trust relationship
>> with
>> >> the DC.
>> >>
>> >> As a last resort I removed the server from active
>> >> directory, rebooted the DC and added it back in again
>> but
>> >> that didn't help. I also tried adding a new laptop to
>> the
>> >> domain - it asked for the admin password & then
failed
>> to
>> >> find the DC !
>> >>
>> >>
>> >> Event Type: Failure Audit
>> >> Event Source: Security
>> >> Event Category: Account Logon
>> >> Event ID: 675
>> >> Date: 24/01/2004
>> >> Time: 20:51:29
>> >> User: NT AUTHORITY\SYSTEM
>> >> Computer: ACSSBS1
>> >> Description:
>> >> Pre-authentication failed:
>> >> User Name: ACSCONCEPT$
>> >> User ID: ADVATECH-SBS\ACSCONCEPT$
>> >> Service Name: krbtgt/ADVATECH.CO.UK
>> >> Pre-Authentication Type: 0x2
>> >> Failure Code: 0x18
>> >> Client Address: 200.100.10.6
>> >>
>> >> Thanks.
>> >>
>> >
>> >
>> >.
>> >
>
>
>.
>
- Next message: Rick Duffin: "Manually adding to SUS updates"
- Previous message: Steve Lundy: "Permissions on Home Directories"
- In reply to: Steven Umbach: "Re: server to server connection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
