Solved

How to I fix event ID 40960 lsasrv spenego on my domain controller?

Posted on 2008-06-12
5
13,872 Views
Last Modified: 2011-07-17
We have a domain controller (with dns, dchp, wins services in same box) that has been perfectly performing well in the past 2 months. I have other member serviers in the domain,  carrying out services like exchange 2003, sps, and file servers. Three days ago I establiished a two way thrust with another domain, external, non-transitive. They seemed to be ok until this morning when I turned on the servers due to several power interruptions last night that was not monitored.

I noticed that the servers and the client PCs in my domain, cannot log-in to the domain. At first it takes a long time to load connection settings and a warning appears that some services failed to run during start up. Looking at the event viewer, Ievent ID 40960 lsasrv spnego is warned. Several netlogon errors and a time errror too. The MS exchange 2003 fails to start up and it says something about a compromise in the account security of windows in windows active directory. I suspect this has to do with a problem in the kerberos.

I tried to remove the trust between the two domains hoping to restore my domain but still the same errors/ warnings appear. I supect this has to do with the Kerberos Key Distribution Center Service (KDC) so I tried to restart the service, but still I didn't work. DCdiag is doing well in the domain controller, but netdiag in the other servers gives out a lot of errors to include unable to contact domain controller. I can ping and do nslookup.
0
Comment
Question by:ninzsantos
5 Comments
 
LVL 38

Accepted Solution

by:
ChiefIT earned 500 total points
ID: 21773309
Have you checked out this article?

http://support.microsoft.com/kb/891559/en-us
0
 

Author Comment

by:ninzsantos
ID: 21821082
Thanks for replying! I just want to closed this question we already resolved the problem.
0
 

Author Closing Comment

by:ninzsantos
ID: 31466495
Thanks again!!!
0
 
LVL 6

Expert Comment

by:rjunaid79
ID: 32640303
What was the resolution.
0
 

Expert Comment

by:ByZeitgeist
ID: 36203493
And? Where is fix solutions?
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question