Weird LDAP Errors... Tried many things.

  • Thread starter Thread starter Blarneystone
  • Start date Start date
B

Blarneystone

Guest
I am helping my new client fix a number of networking problems on
their 2K3 network.

One of the issues, that has been plaguing them for months is the LDAP
error event ID 40960:
>>The Security System detected an authentication error for the server LDAP/<servername@domain...>. The failure code from authentication protocol Kerberos was "The attempted logon is invalid. This is either due to a bad username or authentication information.<<<

Similarly, they get an error: EVENT LOG System
EVENT TYPE Warning
SOURCE LSASRV
CATEGORY SPNEGO (Negotiator)
EVENT ID 40960
The Security System detected an authentication error for the server
LDAP/<server name>. The failure code from authentication protocol
Kerberos was "The attempted logon is invalid. This is either due to a
bad username or authentication information.
(0xc000006d)".


And: "The Security System could not establish a secured connection
with the server ldap/<server name>. No authentication protocol was
available."

I've tried resetting the passwords on the DHCP and DNS services on the
failing servers. I've tried auditing all accounts to see which one is
getting a failed login, but no accounts correspond with the timing of
the LDAP failure.

Any suggestions on how to fix?

Thanks~!
 
Re: Weird LDAP Errors... Tried many things.

Blarneystone <BradIsaac@gmail.com> wrote:

> I am helping my new client fix a number of networking problems on
> their 2K3 network.
>
> One of the issues, that has been plaguing them for months is the LDAP
> error event ID 40960:
>>>The Security System detected an authentication error for the server LDAP/
<servername@domain...>. The failure code from authentication protocol Kerberos
was "The attempted logon is invalid. This is either due to a bad username or
authentication information.<<<
>
> Similarly, they get an error: EVENT LOG System
> EVENT TYPE Warning
> SOURCE LSASRV
> CATEGORY SPNEGO (Negotiator)
> EVENT ID 40960
> The Security System detected an authentication error for the server
> LDAP/<server name>. The failure code from authentication protocol
> Kerberos was "The attempted logon is invalid. This is either due to a
> bad username or authentication information.
> (0xc000006d)".
>
>
> And: "The Security System could not establish a secured connection
> with the server ldap/<server name>. No authentication protocol was
> available."
>
> I've tried resetting the passwords on the DHCP and DNS services on the
> failing servers. I've tried auditing all accounts to see which one is
> getting a failed login, but no accounts correspond with the timing of
> the LDAP failure.
>
> Any suggestions on how to fix?
>
> Thanks~!
>
>

Nice big list of things to try:

http://www.eventid.net/display.asp?eventid=40960&eventno=787&source=LsaSrv&phase=1

or maybe this is the reason why:

http://support.microsoft.com/kb/823712
--
Elliott Gaskill
IT Director
ADx, Inc.
 
Back
Top