Solved

The Security System detected an attempted downgrade attack

Posted on 2004-08-25
7
9,291 Views
Last Modified: 2013-12-07
I am getting the following errors on all PC’s when loading Windows.
We are running XP Profesional PC's with Windows 2000 Server(Service Pack 4)
The login script will not run.
Users are able to logoff/login succesfully after first the first login fails.
Event Type:     Warning
Event Source:     LSASRV
Event Category:     SPNEGO (Negotiator)
Event ID:     40960
Date:          8/24/2004
Time:          3:10:31 PM
User:          N/A
Computer:     DRAKELAP005
Description:
The Security System detected an attempted downgrade attack for server cifs/servername.domain.com.  The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
 (0xc000005e)".
0
Comment
Question by:cookd47
  • 5
7 Comments
 
LVL 1

Expert Comment

by:slapshot45
ID: 11899685
have you run windows update on all your servers and workstations to the latest critical updates/service packs?

Sounds like there is no domain controller to authenticate the users or at least the client cant find the server for some reason. any changes made to your netwtork/servers recently?
0
 

Author Comment

by:cookd47
ID: 11899723
There is only one Domain Controller. Once windows is loaded, you can logoff, and login and there is no problem. I have removed, and added Machine accounts, Ran SP4 again.
The problem started when four PC's were replaced. There are other errors as well:

Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 29
Date: 8/24/2004
Time: 3:10:23 PM
User: N/A
Computer: DRAKELAP005
Description:
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 15 minutes. NtpClient has no source of accurate time.

AND:


Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5719
Date: 8/24/2004
Time: 3:10:19 PM
User: N/A
Computer: DRAKELAP005
Description:
No Domain Controller is available for domain DCW2K due to the following:
There are currently no logon servers available to service the logon request. .
Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator

This seems like some type of delay in the authentication process. I have another open question on the original problem. I am going to install Windows 2000 Resource Kit, and try some of the tools.
0
 

Author Comment

by:cookd47
ID: 11899725
Note:
When the users have a succesful login( script runs; drives mapped), there are no errors in the event log.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 20

Accepted Solution

by:
Debsyl99 earned 500 total points
ID: 11905511
Hi

Have you configured the time service at all ie for the PC's to sync from the DC? Authentication is critically dependent on time syncing across the domain ie from a command prompt on a client run

net time (enter)
and see what it says - it should report the time at its authoritative time source. Then try

net time /setsntp:yourservername  (enter)

Also make sure the windows time service is running on DC and clients. Are the clients able to ping the DC by IP and name ok?

A resolution problem may cause the clients to be unable to sync,

Let us know

Deb :))
0
 

Author Comment

by:cookd47
ID: 11906498
Thanks for the comments, I will be back on site Friday afternoon.
0
 

Author Comment

by:cookd47
ID: 11957474
I will be back on site 9/2/04 in afternoon
0
 

Author Comment

by:cookd47
ID: 12217876
Although the tie Service was a symptom, it was not the problem. I had the same issue come up at another client...although a complete rebuild solved the problem, the issue is still open
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Load balancing - basic design/questions for customer request 4 64
Looking for open port with Telnet 5 60
Can't ping New Linux Servers 40 66
Nimble Storage 3 69
Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question