Windows 2003 Event ID 40961 SPNEGO

  • Thread starter Thread starter Steve
  • Start date Start date
S

Steve

I have a windows 2003 DC in a Win2k domain that keeps getting these errors
every 2 hours:
The Security System could not establish a secured connection with the server
ldap/DC3.myorg.org/[email protected]. No authentication protocol was
available.

The really weird thing is that the machine getting the errors is DC3, like
the machine can't talk to itself properly. I have seen several posts that
are similar but none that are the same.
Any Ideas?

TIA,
Steve
 
I have a windows 2003 DC in a Win2k domain that keeps getting these errors
every 2 hours:
The Security System could not establish a secured connection with the server
ldap/DC3.myorg.org/[email protected]. No authentication protocol was
available.

The really weird thing is that the machine getting the errors is DC3, like
the machine can't talk to itself properly. I have seen several posts that
are similar but none that are the same.
Any Ideas?

TIA,
Steve
Click to expand...

See:

http://support.microsoft.com?kbid=823712 "Event IDs 40960 and 40961 in the
System Event Log When You Restart Windows Server 2003 After You Run Dcpromo.exe"
http://support.microsoft.com?kbid=824217 "LSASRV Event IDs 40960 and 40961 When
You Promote a Server to a Domain Controller Role"



Jerold Schulman
Windows: General MVP
JSI, Inc.
http://www.jsiinc.com
 
Jerold Schulman said:
See:

http://support.microsoft.com?kbid=823712 "Event IDs 40960 and 40961 in the
System Event Log When You Restart Windows Server 2003 After You Run Dcpromo.exe"
http://support.microsoft.com?kbid=824217 "LSASRV Event IDs 40960 and 40961 When
You Promote a Server to a Domain Controller Role"



Jerold Schulman
Windows: General MVP
JSI, Inc.
http://www.jsiinc.com
Click to expand...

I saw those articles but I wasn't sure because I am only getting 40961 and
not the 40960. Do you think it is the same issue?

Steve
Click to expand...
 
Im running around 30 DCs with one of them being Win2003 DC
Im getting this event not only in the DC but also in the WinXP clients...all winxp clients are having this..

any ideas?
 
Hi Freddy,

Hope you already solved your problem but if not, here is my "two bit" on the
issue.

- Regarding the Win2003 DC, if you promoted it to PDC the issue is on:

http://support.microsoft.com?kbid=823712 "Event IDs 40960 and 40961 in the
System Event Log When You Restart Windows Server 2003
After You Run
Dcpromo.exe"
http://support.microsoft.com?kbid=824217 "LSASRV Event IDs 40960 and 40961
When
You Promote a Server to a Domain Controller Role"


- Regarding the WinXP, check the application log to see if you get a userenv
error at the same time you get the SPNEGO ones. If so,
your user credentials lost the binding with the machine id and your user
policy
is not updating. Here is what worked for me:

1 - Change original profile from local to roaming
2 - Reboot+logon twice with 5min interval to assure profile is properly
copied
to network share
3 - Logon as the workstations local admin
4 - Rename original profile in local machine to "profile safe"
5 - Change the workstation from the domain to a workgroup "WORKGROUP"
6 - Change IP address, DNS & WINS from fixed to DNS + shutdown
7 - Remove the workstation from the server
8 - Restart workstation and logon again as local admin
9 - Change workstation from the workgroup back to the domain 10 - Change IP
addresses from assigned back to fixed
11 - Reboot and logon with original profile name (basic profile setting is
loaded the first time)
12 - Wait five minutes and log off and on again with the same profile name
in
order to finish importing roaming profile
13 - Use gpupdate /force and reboot
14 - Change profile back to local if desired

What worked:
A - no more SPNEGO 40961 & USERENV 1030 errors in event log
B - Group policies are now being fully updated again (only machine policy
was
update before)

What didn't work:
A - HTTP email accounts became corrupt and had to be re-created. No data
lost.
B - All news reader subscriptions lost.


Good luck,

Curt


Freddy Hartono said:
Im running around 30 DCs with one of them being Win2003 DC,
Im getting this event not only in the DC but also in the WinXP
Click to expand...
clients...all winxp clients are having this...
 
Back
Top