LSASRV error in event log?

Discussion in 'DNS Server' started by Steve Grosz, Dec 15, 2004.

  1. Steve Grosz

    Steve Grosz Guest

    I have been getting a unusual error lately in my event log:

    Event Type: Warning
    Event Source: LSASRV
    Event Category: SPNEGO (Negotiator)
    Event ID: 40960
    Date: 12/14/2004
    Time: 11:32:20 PM
    User: N/A
    Computer: WEB2
    Description:
    The Security System detected an authentication error for the server
    DNS/ns1.fiberpipe.com. The failure code from authentication protocol
    Kerberos was "There are currently no logon servers available to service
    the logon request.
    (0xc000005e)".

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 5e 00 00 c0 ^..À

    Followed by:

    Event Type: Warning
    Event Source: LSASRV
    Event Category: SPNEGO (Negotiator)
    Event ID: 40961
    Date: 12/14/2004
    Time: 11:32:20 PM
    User: N/A
    Computer: WEB2
    Description:
    The Security System could not establish a secured connection with the
    server DNS/ns1.fiberpipe.com. No authentication protocol was available.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 88 03 00 c0 ˆ..À

    Since I'm running my own DNS server, I am unsure as to why its giving a
    error regarding a DNS/ns1.fiberpipe.com

    Any suggestions?

    Thanks!
    Steve
     
    Steve Grosz, Dec 15, 2004
    #1
    1. Advertisements

  2. Steve Grosz

    Todd J Heron Guest

    I believe your ISP fiberpipe.com, correct? Looks like the NIC in your
    server which has the public IP on it is making your machine trying to
    register in the zone of your ISP (fiberpipe.com). Because your ISP's DNS
    server doesn't have an AD zone for your domain, doesn't support secure
    dynamic DNS updates (and probably doesn't support dynamic DNS updates at
    all), this attempt is failing. Under the TCP/IP properties, point the
    preferred DNS server to itself for DNS and configure a Forwarder to your ISP
    for external DNS resolution.
     
    Todd J Heron, Dec 15, 2004
    #2
    1. Advertisements

  3. Steve Grosz

    Steve Grosz Guest

    I already have a forwarder for DNS domain "all other DNS domains" with
    the IP's of my ISP.

    Steve
     
    Steve Grosz, Dec 15, 2004
    #3
  4. Steve Grosz

    Todd J Heron Guest

    Can you post the unedited results of an ipconfig /all?
     
    Todd J Heron, Dec 15, 2004
    #4
  5. Steve Grosz

    Steve Grosz Guest



    Windows IP Configuration



    Host Name . . . . . . . . . . . . : web2

    Primary Dns Suffix . . . . . . . : computicle.com

    Node Type . . . . . . . . . . . . : Unknown

    IP Routing Enabled. . . . . . . . : No

    WINS Proxy Enabled. . . . . . . . : No

    DNS Suffix Search List. . . . . . : computicle.com



    Ethernet adapter Internal:



    Connection-specific DNS Suffix . : computicle.com

    Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet Adapter

    Physical Address. . . . . . . . . : 00-11-5B-65-2C-AA

    DHCP Enabled. . . . . . . . . . . : No

    IP Address. . . . . . . . . . . . : 192.168.1.253

    Subnet Mask . . . . . . . . . . . : 255.255.255.0

    Default Gateway . . . . . . . . . : 192.168.1.1

    DNS Servers . . . . . . . . . . . : 192.168.1.253



    Ethernet adapter External:



    Connection-specific DNS Suffix . : computicle.com

    Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX
    NIC (3C905B-TX)

    Physical Address. . . . . . . . . : 00-50-DA-B8-49-BA

    DHCP Enabled. . . . . . . . . . . : No

    IP Address. . . . . . . . . . . . : 209.161.4.76

    Subnet Mask . . . . . . . . . . . : 255.255.255.248

    IP Address. . . . . . . . . . . . : 209.161.4.74

    Subnet Mask . . . . . . . . . . . : 255.255.255.248

    Default Gateway . . . . . . . . . : 209.161.4.73

    DNS Servers . . . . . . . . . . . : 209.161.4.74

    209.161.4.76

    NetBIOS over Tcpip. . . . . . . . : Disabled
     
    Steve Grosz, Dec 15, 2004
    #5
  6. Steve Grosz

    Todd J Heron Guest

    Steve,

    On the external network interface, remove the values for:

    209.161.4.74
    209.161.4.76

    and leave these fields blank. Afterwards, either restart the server, or run
    an ipconfig /flushdns and restart the DNS server service followed by the
    NETLOGON service.
     
    Todd J Heron, Dec 15, 2004
    #6
  7. In
    Yes, remove the ISP's DNS from the NIC, for other reasons, never use your
    ISP's DNS in any NIC for any domain member.
    That won't stop the errors though, you'll have to disable PTR registration
    to stop the errors, or just create a reverse lookup zone for this full IP
    address.
    The Zone name should be "76.4.161.209.in-addr.arpa." (without the quotes)
    This will stop the errors while not conflicting with other reverse lookups.

    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Dec 15, 2004
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.