Possible DNS Issues

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Periodically computers are dropping off the domain. One day the computers are
in Active Directory and then the next day they are gone. I have had to rejoin
some computers back to the domain several times over a period of time. One
day a user can log in and the next day his/her account is locked out. I have
logged into a machine successfully and then logged off and then right back on
only to find the account locked out. We are finding LsaSrv SPNEGO errors
stating a logon server cannot be found. We have to DC's for authentication
and sometimes in the Event Log it will show that machines are trying to
authenticate to Memeber Servers? A lot of the articles and fixes I have read
all point to DNS issues. Can someone shed some light on this issue?
 
Periodically computers are dropping off the domain. One day the computers are
in Active Directory and then the next day they are gone. I have had to rejoin
some computers back to the domain several times over a period of time. One
day a user can log in and the next day his/her account is locked out. I have
logged into a machine successfully and then logged off and then right back on
only to find the account locked out. We are finding LsaSrv SPNEGO errors
stating a logon server cannot be found. We have to DC's for authentication
and sometimes in the Event Log it will show that machines are trying to
authenticate to Memeber Servers? A lot of the articles and fixes I have read
all point to DNS issues. Can someone shed some light on this issue?
Click to expand...

Kent,

Windows XP, using DNS on a domain, has to be setup properly. I'll be interested
in seeing what makes your problem intermittent or random though. Maybe a DHCP
problem?
<http://nitecruzr.blogspot.com/2005/05/windows-xp-on-nt-domain.html>
http://nitecruzr.blogspot.com/2005/05/windows-xp-on-nt-domain.html

If that doesn't help, spend some time please and describe the situation in a bit
more detail. What are the "articles and fixes (that you) have read"?
 
I'd also be wondering if this is a DC error - maybe one DC has gone south
for the winter and is trashing the database on the other DCs when it
replicates. A long, LOOOONG careful look through event logs on DCs and
clients would likely be in order.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm
 
I'd also be wondering if this is a DC error - maybe one DC has gone south
for the winter and is trashing the database on the other DCs when it
replicates. A long, LOOOONG careful look through event logs on DCs and
clients would likely be in order.
Click to expand...

Good point, Richard. It's scary how many folks are running domains, without
thinking of issues like DC management.

Of course, it would help if folks posting here would proofread what they type
before sending it. WTF does this mean? I gather you read "replication" in it?
I skipped right over it.
 
WTF reply - What this means is that I have two(I acknowleged the typo from
the previous post) DC's(which are Domain Controllers) that authenticate users
logging into our network. Stick with me now, in the Event Viewer of the
user's machines I will find entries that point to LSASRV SPNEGO - Event ID
40960 issues. Some state that the machine was trying to contact a member
server to authenticate to the network(not supposed to happen) and some state
that there a no logon servers available, sometimes when I look in AD(Active
Directory) I will see that the machine is no longer in AD. Seeing that we
have over 400 domain controllers around the world and this is the first issue
I have had to ask for some help on in a long time goes to show you that our
team is doing pretty well managing our network. Now if you want to see some
of the articles I have been reading. Go to this link and read everything
icludding all the articles listed at the bottom if you have an account with
this site.
http://www.eventid.net/display.asp?eventid=40960&eventno=787&source=LsaSrv&phase=1
 
WTF reply - What this means is that I have two(I acknowleged the typo from
the previous post) DC's(which are Domain Controllers) that authenticate users
logging into our network. Stick with me now, in the Event Viewer of the
user's machines I will find entries that point to LSASRV SPNEGO - Event ID
40960 issues. Some state that the machine was trying to contact a member
server to authenticate to the network(not supposed to happen) and some state
that there a no logon servers available, sometimes when I look in AD(Active
Directory) I will see that the machine is no longer in AD. Seeing that we
have over 400 domain controllers around the world and this is the first issue
I have had to ask for some help on in a long time goes to show you that our
team is doing pretty well managing our network. Now if you want to see some
of the articles I have been reading. Go to this link and read everything
icludding all the articles listed at the bottom if you have an account with
this site.
http://www.eventid.net/display.asp?eventid=40960&eventno=787&source=LsaSrv&phase=1
Click to expand...

Well, Kent,

Good to see some details. Better to have seen them in the first problem report,
but late is better than never. You've been researching this far more than the
first problem report implied. ;)

The error message "no logon servers available" is consistent with a DNS setup
problem, but the intermittent nature that you're describing isn't. What is the
DHCP lease time like? Do you know all the DHCP servers - any chance of a rogue
one?

Is this problem confined to your local domain, or is it seen by the other 400
DCs too?

I'm thinking this might not be so much an XP topic as maybe an AD or server
topic?
<http://www.microsoft.com/technet/community/newsgroups/topics/ad.mspx>
http://www.microsoft.com/technet/community/newsgroups/topics/ad.mspx
<http://www.microsoft.com/technet/community/newsgroups/serveros/win2003.mspx>
http://www.microsoft.com/technet/community/newsgroups/serveros/win2003.mspx
 
You must log in or register to reply here.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Security System detected an attempted downgrade attack... 1
XP LAN Issues 2
Why was I just banned for no reason? 2
* URGENT * Windows XP SPNEGO (Negotiator) 5
the user name you typed is the same as the user name you logged in with 1
Domain issues 2
VPN Connection issue - Cant connect to another VPN until a restart 3
Domain Controller issues with Virtual Machines 1

Back
Top