How to I fix event ID 40960 lsasrv spenego on my domain controller?
Posted on 2008-06-12
We have a domain controller (with dns, dchp, wins services in same box) that has been perfectly performing well in the past 2 months. I have other member serviers in the domain, carrying out services like exchange 2003, sps, and file servers. Three days ago I establiished a two way thrust with another domain, external, non-transitive. They seemed to be ok until this morning when I turned on the servers due to several power interruptions last night that was not monitored.
I noticed that the servers and the client PCs in my domain, cannot log-in to the domain. At first it takes a long time to load connection settings and a warning appears that some services failed to run during start up. Looking at the event viewer, Ievent ID 40960 lsasrv spnego is warned. Several netlogon errors and a time errror too. The MS exchange 2003 fails to start up and it says something about a compromise in the account security of windows in windows active directory. I suspect this has to do with a problem in the kerberos.
I tried to remove the trust between the two domains hoping to restore my domain but still the same errors/ warnings appear. I supect this has to do with the Kerberos Key Distribution Center Service (KDC) so I tried to restart the service, but still I didn't work. DCdiag is doing well in the domain controller, but netdiag in the other servers gives out a lot of errors to include unable to contact domain controller. I can ping and do nslookup.