Secure Channel Keeps Breaking

  • Thread starter Thread starter dan
  • Start date Start date
D

dan

Hello,

I have a Website system with the following architecture - all servers
are Server 2003 AD Domain controllers:

Server #1 - Database Server - 1 NIC - Primary DNS & WINS

Server #2 - Web Server 1 - NIC 1 - Static, NIC 2 - Virtual

Server #3 - Web Server 2 - NIC 1 - Static, NIC 2 - Virtual

The Virtual NIC's are setup for load balancing.

With the aid of NetDiag, DCDiag and Replmon I determined that the
Secure Channel was broken on Web Server 1. So, I used the netdom
command line utility to repair it. Once I got Web Server 1 working
correctly, then Web Server 2 broke.
Any help would be greatly appreciated.

Dan
 
In
Hello,

I have a Website system with the following architecture - all servers
are Server 2003 AD Domain controllers:

Server #1 - Database Server - 1 NIC - Primary DNS & WINS

Server #2 - Web Server 1 - NIC 1 - Static, NIC 2 - Virtual

Server #3 - Web Server 2 - NIC 1 - Static, NIC 2 - Virtual

The Virtual NIC's are setup for load balancing.

With the aid of NetDiag, DCDiag and Replmon I determined that the
Secure Channel was broken on Web Server 1. So, I used the netdom
command line utility to repair it. Once I got Web Server 1 working
correctly, then Web Server 2 broke.
Any help would be greatly appreciated.

Dan
Click to expand...

This is not a DNS question, but may be related if you have your ISP's DNS
configured in IP properties. Rules are ONLY use the internal DNS servers and
use a forwarder.

Did you post this to any other Microsoft newsgroups?

Basically a secure channel is just that, it's a trusted communication link
between the domain and a machine. Some things at the top of my head that
will cause this:

Time is skewed. Kerberos has a 5 minute time skew tolerance. Time is
required by Kerberos authentication.
If the DC's date is older than 60 days, (past the tombostone), it will cause
this.

Please post any Event ID errors and an unedited ipconfig /all to verify your
configuration.

Thanks,


--
Regards,
Ace

G O E A G L E S !!! Superbowl bound NFC Champs!!

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 
Back
Top