[x]
Posted via EE Mobile

Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.
Question
[x]
Attachment Details
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!
7.8

W2K3 AD / DC problem: event 4 (kerberos), 4000/4013 (DNS)

Asked by 2good2 in Windows 2003 Server

Tags: kerberos, event, id, 4

Hi,

I have 4 W2K3 DC with one server suddenly (after a disk crash) failing. This server, with ISA 2000 and Exchange 2003 installed, has now a some problems:

1. SP1 can't be (re)installed. Error: "cannot find teh file specified"
2. WindowsUpdate is not working (even though security in IE is low)
3. DNS is not working >>> event 4000 + 4013
4. Kerberos error >>> 4 The kerberos client received a KRB_AP_ERR_MODIFIED error...
etc.

A small list of complete errors:

Event Type:      Error
Event Source:      Kerberos
Event Category:      None
Event ID:      4
Date:            8-6-2005
Time:            16:53:11
User:            N/A
Computer:      SERVERB
Description:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/serverb.domain.local.  The target name used was ldap/SERVERB.DOMAIN.LOCAL/DOMAIN.LOCAL@DOMAIN.LOCAL. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named  machine accounts in the target realm (DOMAIN.LOCAL), and the client realm.   Please contact your system administrator.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:      Warning
Event Source:      NETLOGON
Event Category:      None
Event ID:      5781
Date:            8-6-2005
Time:            16:49:10
User:            N/A
Computer:      SERVERB
Description:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.DOMAIN.LOCAL.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  

Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  

USER ACTION  
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00               *#..    


Event Type:      Warning
Event Source:      NTDS KCC
Event Category:      Knowledge Consistency Checker
Event ID:      1865
Date:            8-6-2005
Time:            17:21:29
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      SERVERB
Description:
The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be reached from the local site.
 
Sites:
CN=PWI,CN=Sites,CN=Configuration,DC=DOMAIN,DC=LOCAL
 
 
 
 
 
 


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.



Event Type:      Error
Event Source:      NTDS KCC
Event Category:      Knowledge Consistency Checker
Event ID:      1311
Date:            8-6-2005
Time:            17:21:29
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      SERVERB
Description:
The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition.
 
Directory partition:
CN=Configuration,DC=DOMAIN,DC=LOCAL
 
There is insufficient site connectivity information in Active Directory Sites and Services for the KCC to create a spanning tree replication topology. Or, one or more domain controllers with this directory partition are unable to replicate the directory partition information. This is probably due to inaccessible domain controllers.
 
User Action
Use Active Directory Sites and Services to perform one of the following actions:
- Publish sufficient site connectivity information so that the KCC can determine a route by which this directory partition can reach this site. This is the preferred option.
- Add a Connection object to a domain controller that contains the directory partition in this site from a domain controller that contains the same directory partition in another site.
 
If neither of the Active Directory Sites and Services tasks correct this condition, see previous events logged by the KCC that identify the inaccessible domain controllers.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:      Warning
Event Source:      NTDS KCC
Event Category:      Knowledge Consistency Checker
Event ID:      1566
Date:            8-6-2005
Time:            17:21:29
User:            NT AUTHORITY\ANONYMOUS LOGON
Computer:      SERVERB
Description:
All domain controllers in the following site that can replicate the directory partition over this transport are currently unavailable.
 
Site:
CN=PWI,CN=Sites,CN=Configuration,DC=DOMAIN,DC=LOCAL
Directory partition:
CN=Configuration,DC=DOMAIN,DC=LOCAL
Transport:
CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=DOMAIN,DC=LOCAL

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4000
Date:            8-6-2005
Time:            17:13:54
User:            N/A
Computer:      SERVERB
Description:
The DNS server was unable to open Active Directory.  This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2d 23 00 00               -#..    


Event Type:      Warning
Event Source:      DNS
Event Category:      None
Event ID:      4013
Date:            8-6-2005
Time:            17:13:54
User:            N/A
Computer:      SERVERB
Description:
The DNS server was unable to open the Active Directory.  This DNS server is configured to use directory service information and can not operate without access to the directory.  The DNS server will wait for the directory to start.  If the DNS server is started but the appropriate event has not been logged, then the DNS server is still waiting for the directory to start.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2d 23 00 00               -#..    


Event Type:      Warning
Event Source:      NtFrs
Event Category:      None
Event ID:      13562
Date:            8-6-2005
Time:            16:51:05
User:            N/A
Computer:      SERVERB
Description:
Following is the summary of warnings and errors encountered by File Replication Service while polling the Domain Controller SERVERB.DOMAIN.LOCAL for FRS replica set configuration information.
 
 Could not bind to a Domain Controller. Will try again at next polling cycle.

 


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.



Any idea how I can solve this as quick as possible?

Thanks!
[+][-]06/08/05 05:28 PM, ID: 14175968Accepted Solution

View this solution now by starting your 30-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

About this solution

Zone: Windows 2003 Server
Tags: kerberos, event, id, 4
Sign Up Now!
Solution Provided By: Netman66
Participating Experts: 1
Solution Grade: B
 
[+][-]06/08/05 01:25 PM, ID: 14174343Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06/08/05 01:41 PM, ID: 14174483Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06/08/05 01:57 PM, ID: 14174630Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06/09/05 08:12 PM, ID: 14185474Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06/10/05 12:19 PM, ID: 14191707Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06/10/05 06:40 PM, ID: 14193848Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06/11/05 09:31 AM, ID: 14195666Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06/12/05 05:04 PM, ID: 14199260Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06/12/05 06:25 PM, ID: 14199437Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]06/12/05 10:47 PM, ID: 14200021Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]06/13/05 07:21 PM, ID: 14208380Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
 
Loading Advertisement...
20091111-EE-VQP-92