R
Roger
I keep getting a 40960 and 4961 errors(hourly) on a dns server I have set
up. My configuration is in a nt4 domain only.
thanks
Roger
up. My configuration is in a nt4 domain only.
thanks
Roger
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
K
Kevin D. Goodknecht [MVP]
In
There are several causes for the 40960, and the 4961 info is not available
yet. To help you diagnose these you will need to paste the event data to
your next post so we can get a clue as to what is causing them. Has the
Win2k3 been promoted to a DC? If it has do you have only its IP address
listed in TCP/IP properties for DNS? AD domain members must not point to
your ISP in their NIC for DNS.
http://www.eventid.net/display.asp?eventid=40960&source=
Roger said:I keep getting a 40960 and 4961 errors(hourly) on a dns server I have
set up. My configuration is in a nt4 domain only.
thanks
Roger
There are several causes for the 40960, and the 4961 info is not available
yet. To help you diagnose these you will need to paste the event data to
your next post so we can get a clue as to what is causing them. Has the
Win2k3 been promoted to a DC? If it has do you have only its IP address
listed in TCP/IP properties for DNS? AD domain members must not point to
your ISP in their NIC for DNS.
http://www.eventid.net/display.asp?eventid=40960&source=
R
Roger
Copy of info from the error messages.
40961 - The Security System could not establish a secured conneciton with
the server DNS/server1.bhc.int. No authentication protocol was available.
40960 - The Security System detected an authentication error for the server
DNS/server.bhc.int. the failure code form authentication protocol Kerboeros
was "There are no logon servers available to service the logon request,
(oxc000005e)".
This is not a domain controller, and I do not have active directory loaded
anywhere.
thanks
Roger
40961 - The Security System could not establish a secured conneciton with
the server DNS/server1.bhc.int. No authentication protocol was available.
40960 - The Security System detected an authentication error for the server
DNS/server.bhc.int. the failure code form authentication protocol Kerboeros
was "There are no logon servers available to service the logon request,
(oxc000005e)".
This is not a domain controller, and I do not have active directory loaded
anywhere.
thanks
Roger
K
Kevin D. Goodknecht [MVP]
In
and you said you have not done that so I would suggest you run netdiag /v on
this machine to find out what it is looking for.
Here are the only two KBs I can find that refer to these errors, but they
refer to these errors after DCPROMO.
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q823712
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q824217
All I can find on these errors says you can get them after your run DCPROMO,Roger said:Copy of info from the error messages.
40961 - The Security System could not establish a secured conneciton
with the server DNS/server1.bhc.int. No authentication protocol was
available.
40960 - The Security System detected an authentication error for the
server DNS/server.bhc.int. the failure code form authentication
protocol Kerboeros was "There are no logon servers available to
service the logon request, (oxc000005e)".
This is not a domain controller, and I do not have active directory
loaded anywhere.
and you said you have not done that so I would suggest you run netdiag /v on
this machine to find out what it is looking for.
Here are the only two KBs I can find that refer to these errors, but they
refer to these errors after DCPROMO.
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q823712
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q824217
A
Ace Fekay [MVP]
Possible classic use of ISP DNS maybe causing this.
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
R
Roger
I was pretty sure it was configuration, but message generated is of no help.
I ran the netdiag and did not see anything there either. The dns does work.
Thanks for your help
Roger
"Ace Fekay [MVP]"
I ran the netdiag and did not see anything there either. The dns does work.
Thanks for your help
Roger
"Ace Fekay [MVP]"
A
Ace Fekay [MVP]
Speaking of which, can we see your configuration to give us a better idea
and to eliminate the basics?
Please post an unedited ipconfig /all.
Thanks.
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
and to eliminate the basics?
Please post an unedited ipconfig /all.
Thanks.
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
R
Roger
Here is the IPconfig.
Windows IP Configuration
Host Name . . . . . . . . . . . . : cpcsvr1
Primary Dns Suffix . . . . . . . : BHC.INT
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : BHC.INT
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7781 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-0B-CD-9B-1E-71
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.20.2.222
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 172.20.0.5
DNS Servers . . . . . . . . . . . : 172.20.2.222
Primary WINS Server . . . . . . . : 172.20.2.225
thanks
Roger
"Ace Fekay [MVP]"
Windows IP Configuration
Host Name . . . . . . . . . . . . : cpcsvr1
Primary Dns Suffix . . . . . . . : BHC.INT
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : BHC.INT
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7781 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-0B-CD-9B-1E-71
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.20.2.222
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 172.20.0.5
DNS Servers . . . . . . . . . . . : 172.20.2.222
Primary WINS Server . . . . . . . : 172.20.2.225
thanks
Roger
"Ace Fekay [MVP]"
K
Kevin D. Goodknecht [MVP]
In
support for Kerboeros protocol. Try removing it from th domain and then
rejoining the domain to see if it can find the NT4 domain.
Obviously, this thing thinks it is part of an AD Domain, because NT4 has noRoger said:Here is the IPconfig.
Windows IP Configuration
Host Name . . . . . . . . . . . . : cpcsvr1
Primary Dns Suffix . . . . . . . : BHC.INT
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : BHC.INT
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7781 Gigabit Server
Adapter Physical Address. . . . . . . . . : 00-0B-CD-9B-1E-71
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.20.2.222
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 172.20.0.5
DNS Servers . . . . . . . . . . . : 172.20.2.222
Primary WINS Server . . . . . . . : 172.20.2.225
40961 - The Security System could not establish a secured conneciton
with the server DNS/server1.bhc.int. No authentication protocol was
available.
40960 - The Security System detected an authentication error for the
server DNS/server.bhc.int. the failure code form authentication
protocol Kerboeros was "There are no logon servers available to
service the logon request, (oxc000005e)".
support for Kerboeros protocol. Try removing it from th domain and then
rejoining the domain to see if it can find the NT4 domain.
A
Ace Fekay [MVP]
Thanks for posting that Roger. It actually looks fine.
Follow Kevin's suggestions to remove and re-join it.
Let us know if it helps.
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
Follow Kevin's suggestions to remove and re-join it.
Let us know if it helps.
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
R
Roger
Hi,
I did as you both suggested and it worked. I left it run all day until I
was fairly sure the errors would not return and they did not.
Thanks again for the help
Roger
"Ace Fekay [MVP]"
I did as you both suggested and it worked. I left it run all day until I
was fairly sure the errors would not return and they did not.
Thanks again for the help
Roger
"Ace Fekay [MVP]"
A
Ace Fekay [MVP]
In
Good deal!
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
Roger said:Hi,
I did as you both suggested and it worked. I left it run all day
until I was fairly sure the errors would not return and they did not.
Thanks again for the help
Roger
Good deal!
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
R
Roger
Hi,
Today I got a 414 error and I corrected that and now things have returned to
40961 and 40960 errors. I will watch it for a few days, and then maybe just
start over.
thanks
Roger
"Ace Fekay [MVP]"
Today I got a 414 error and I corrected that and now things have returned to
40961 and 40960 errors. I will watch it for a few days, and then maybe just
start over.
thanks
Roger
"Ace Fekay [MVP]"
A
Ace Fekay [MVP]
In
So far what I've seen, it seems that creating a reverse zone *may* eliminate
the 40961 errors. See here for more info:
http://www.eventid.net/display.asp?eventid=40961&source=
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
Roger said:Hi,
Today I got a 414 error and I corrected that and now things have
returned to 40961 and 40960 errors. I will watch it for a few days,
and then maybe just start over.
thanks
Roger
So far what I've seen, it seems that creating a reverse zone *may* eliminate
the 40961 errors. See here for more info:
http://www.eventid.net/display.asp?eventid=40961&source=
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory