File server denied access by Domain Controller: Access is denied because of failure to authenticate **CORRECTION***

File server denied access by Domain Controller: Access is denied because of failure to authenticate **CORRECTION***

Post by Jim » Thu, 24 May 2007 16:42:15


"Jim" < XXXX@XXXXX.COM > wrote in message
news: XXXX@XXXXX.COM ...

The above message is incomplete. The correct message is:

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5719
Date: 5/22/2007
Time: 5:01:14 PM
User: N/A
Computer: serv2
Description:
This computer was not able to set up a secure session with a domain
controller in domain xxx due to the following:
The RPC server is unavailable.

This may lead to authentication problems. Make sure that this computer is
connected to the network. If the problem persists, please contact your
domain administrator.

ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up
the secure session to the primary domain controller emulator in the
specified domain. Otherwise, this computer sets up the secure session to any
domain controller in the specified domain.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 17 00 02 c0 ...
Sorry. I goofed up the cut/paste.
>> > Server 2 (the domain controller) has the following log entries:> >> > Event Type: Error> > Event Source: Kerberos> > Event Category: None> > Event ID: 4> > Date: 5/22/2007> > Time: 4:57:03 PM> > User: N/A> > Computer: serv2> > Description:> > The kerberos client received a KRB_AP_ERR_MODIFIED error from the server > > host/serv1.xxx.xxx.com. The target name used was cifs/serv1. This > > indicates that the password used to encrypt the kerberos service ticket is > > different than that on the target server. Commonly, this is due to > > identically named machine accounts in the target realm (xxx.xxxxxx), and > > the client realm. Please contact your system administrator.> >> > For more information, see Help and Support Center at > > http://go.microsoft.com/fwlink/events.asp> >> >> > followed by another log entry:> >> > Event Type: Error> > Event Source: NETLOGON> > Event Category: None> > Event ID: 5722> > Date: 5/22/2007> > Time: 5:11:37 PM> > User: N/A> > Computer: serv23> > Description:> > The session setup from the computer serv1 failed to authenticate. The > > name(s) of the account(s) referenced in the security database is serv1$. > > The following error occurred:> > Access is denied.> >> > For more information, see Help and Support Center at > > http://go.microsoft.com/fwlink/events.asp.> > Data:> > 0000: 22 00 00 c0 "..>
> I'm not sure how to proceed>
> I've reviewed KB entries>
> http://support.microsoft.com/kb/321044/en-u>
> http://support.microsoft.com/kb/913327/en-u>
> http://support.microsoft.com/kb/823659/en-u>
> http://support.microsoft.com/kb/885409/en-u>
> but they don't really tell me how to proceed, expecially as I can't find a>
> duplicate name and there is no reason for the authentication to suddenly>
> fail>
> Both servers can ping the other, which indicates the the network adapters>
> are functioning correctly. This configuration has been stable for several>
> years. No "landmark" event stand out as a possible culprit>
> It is clear that the domain controller is rejecting the connection but I>
> don't know why>
> Any suggestions>
> Regards>
> Ji>
>


 
 
 

File server denied access by Domain Controller: Access is denied because of failure to authenticate **CORRECTION***

Post by Jim » Fri, 25 May 2007 13:16:24

haring Solution::

1. Remove file server from domain (add to a workgroup) via "my
computer/properties"
2. Use active directory/computers and users application to delete file
server from computers container.
3. Add file server back into domain.

The cause of this problem has not been determined.


"Jim" < XXXX@XXXXX.COM > wrote in message
news: XXXX@XXXXX.COM ...
>> > Sorry. I goofed up the cut/paste.> >>>>>>>>> Server 2 (the domain controller) has the following log entries:>>>>>>>> Event Type: Error>>>> Event Source: Kerberos>>>> Event Category: None>>>> Event ID: 4>>>> Date: 5/22/2007>>>> Time: 4:57:03 PM>>>> User: N/A>>>> Computer: serv2>>>> Description:>>>> The kerberos client received a KRB_AP_ERR_MODIFIED error from the server >>>> host/serv1.xxx.xxx.com. The target name used was cifs/serv1. This >>>> indicates that the password used to encrypt the kerberos service ticket >>>> is different than that on the target server. Commonly, this is due to >>>> identically named machine accounts in the target realm (xxx.xxxxxx), and >>>> the client realm. Please contact your system administrator.>>>>>>>> For more information, see Help and Support Center at >>>> http://go.microsoft.com/fwlink/events.asp>>>>>>>>>>>> followed by another log entry:>>>>>>>> Event Type: Error>>>> Event Source: NETLOGON>>>> Event Category: None>>>> Event ID: 5722>>>> Date: 5/22/2007>>>> Time: 5:11:37 PM>>>> User: N/A>>>> Computer: serv23>>>> Description:>>>> The session setup from the computer serv1 failed to authenticate. The >>>> name(s) of the account(s) referenced in the security database is serv1$. >>>> The following error occurred:>>>> Access is denied.>>>>>>>> For more information, see Help and Support Center at >>>> http://go.microsoft.com/fwlink/events.asp.>>>> Data:>>>> 0000: 22 00 00 c0 "..>> >>> >> I'm not sure how to proceed>> >>> >> I've reviewed KB entries>> >> http://support.microsoft.com/kb/321044/en-u>> >>> >>> >>> >> http://support.microsoft.com/kb/913327/en-u>> >>> >>> >>> >> http://support.microsoft.com/kb/823659/en-u>> >>> >>> >>> >> http://support.microsoft.com/kb/885409/en-u>> >>> >>> >>> >> but they don't really tell me how to proceed, expecially as I can't find>> >> a duplicate name and there is no reason for the authentication to>> >> suddenly fail>> >>> >> Both servers can ping the other, which indicates the the network adapters>> >> are functioning correctly. This configuration has been stable for>> >> several years. No "landmark" event stand out as a possible culprit>> >>> >> It is clear that the domain controller is rejecting the connection but I>> >> don't know why>> >>> >> Any suggestions>> >>> >> Regards>> >> Ji>> >>> >>> >>> >>> >>
>