A
Andrew Jones
I'm experiencing forever logins from domain computers at remote sites (
those on a network connected via a VPN tunnel to the network with the domain
controller ). Remote sites with domain controllers don't have the problem.
The only fix I have thus far is to reboot the domain controller.
In looking over the events I have found that there were two events in the
System Log that immediately went away when the server was rebooted. They
are shown below. Its nice to know reboot fixes the problem for a while,
but what is the actual source of my problem so I can fix it once and for
all?
40960 LsaSrv The Security System detected an attempted downgrade
attack for server LDAP/fs4.KVMHC_DOM. The failure code from authentication
protocol Kerberos was "There are currently no logon servers available to
service the logon request.
(0xc000005e)".
40961 LsaSrv The Security System could not establish a secured
connection with the server LDAP/fs4.KVMHC_DOM. No authentication protocol
was available.
I am still seeing the following events, but it doesn't appear to be
effecting performance and logins.
15 AutoEnrollment Automatic certificate enrollment for local system
failed to contact the active directory (0x8007054b). The specified domain
either does not exist or could not be contacted.
Enrollment will not be performed.
1086 Userenv Windows cannot do loopback processing for downlevel or
local users. Loopback processing will be disabled.
15 AutoEnrollment Automatic certificate enrollment for local system
failed to contact the active directory (0x8007041d). The service did not
respond to the start or control request in a timely fashion.
Enrollment will not be performed.
1054 Userenv Windows cannot obtain the domain controller name for your
computer network. (An unexpected network error occurred. ). Group Policy
processing aborted.
THanks,
Andrew
those on a network connected via a VPN tunnel to the network with the domain
controller ). Remote sites with domain controllers don't have the problem.
The only fix I have thus far is to reboot the domain controller.
In looking over the events I have found that there were two events in the
System Log that immediately went away when the server was rebooted. They
are shown below. Its nice to know reboot fixes the problem for a while,
but what is the actual source of my problem so I can fix it once and for
all?
40960 LsaSrv The Security System detected an attempted downgrade
attack for server LDAP/fs4.KVMHC_DOM. The failure code from authentication
protocol Kerberos was "There are currently no logon servers available to
service the logon request.
(0xc000005e)".
40961 LsaSrv The Security System could not establish a secured
connection with the server LDAP/fs4.KVMHC_DOM. No authentication protocol
was available.
I am still seeing the following events, but it doesn't appear to be
effecting performance and logins.
15 AutoEnrollment Automatic certificate enrollment for local system
failed to contact the active directory (0x8007054b). The specified domain
either does not exist or could not be contacted.
Enrollment will not be performed.
1086 Userenv Windows cannot do loopback processing for downlevel or
local users. Loopback processing will be disabled.
15 AutoEnrollment Automatic certificate enrollment for local system
failed to contact the active directory (0x8007041d). The service did not
respond to the start or control request in a timely fashion.
Enrollment will not be performed.
1054 Userenv Windows cannot obtain the domain controller name for your
computer network. (An unexpected network error occurred. ). Group Policy
processing aborted.
THanks,
Andrew