The Security System detected an attempted downgrade attack

Posted on 2004-08-25
Last Modified: 2013-12-07
I am getting the following errors on all PC’s when loading Windows.
We are running XP Profesional PC's with Windows 2000 Server(Service Pack 4)
The login script will not run.
Users are able to logoff/login succesfully after first the first login fails.
Event Type:     Warning
Event Source:     LSASRV
Event Category:     SPNEGO (Negotiator)
Event ID:     40960
Date:          8/24/2004
Time:          3:10:31 PM
User:          N/A
Computer:     DRAKELAP005
The Security System detected an attempted downgrade attack for server cifs/  The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
Question by:cookd47
  • 5

Expert Comment

ID: 11899685
have you run windows update on all your servers and workstations to the latest critical updates/service packs?

Sounds like there is no domain controller to authenticate the users or at least the client cant find the server for some reason. any changes made to your netwtork/servers recently?

Author Comment

ID: 11899723
There is only one Domain Controller. Once windows is loaded, you can logoff, and login and there is no problem. I have removed, and added Machine accounts, Ran SP4 again.
The problem started when four PC's were replaced. There are other errors as well:

Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 29
Date: 8/24/2004
Time: 3:10:23 PM
User: N/A
Computer: DRAKELAP005
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 15 minutes. NtpClient has no source of accurate time.


Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5719
Date: 8/24/2004
Time: 3:10:19 PM
User: N/A
Computer: DRAKELAP005
No Domain Controller is available for domain DCW2K due to the following:
There are currently no logon servers available to service the logon request. .
Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator

This seems like some type of delay in the authentication process. I have another open question on the original problem. I am going to install Windows 2000 Resource Kit, and try some of the tools.

Author Comment

ID: 11899725
When the users have a succesful login( script runs; drives mapped), there are no errors in the event log.
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

LVL 20

Accepted Solution

Debsyl99 earned 500 total points
ID: 11905511

Have you configured the time service at all ie for the PC's to sync from the DC? Authentication is critically dependent on time syncing across the domain ie from a command prompt on a client run

net time (enter)
and see what it says - it should report the time at its authoritative time source. Then try

net time /setsntp:yourservername  (enter)

Also make sure the windows time service is running on DC and clients. Are the clients able to ping the DC by IP and name ok?

A resolution problem may cause the clients to be unable to sync,

Let us know

Deb :))

Author Comment

ID: 11906498
Thanks for the comments, I will be back on site Friday afternoon.

Author Comment

ID: 11957474
I will be back on site 9/2/04 in afternoon

Author Comment

ID: 12217876
Although the tie Service was a symptom, it was not the problem. I had the same issue come up at another client...although a complete rebuild solved the problem, the issue is still open

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Let’s list some of the technologies that enable smooth teleworking. 
Internet Business Fax to Email Made Easy - With  eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question