Solved

How to I fix event ID 40960 lsasrv spenego on my domain controller?

Posted on 2008-06-12
5
13,848 Views
Last Modified: 2011-07-17
We have a domain controller (with dns, dchp, wins services in same box) that has been perfectly performing well in the past 2 months. I have other member serviers in the domain,  carrying out services like exchange 2003, sps, and file servers. Three days ago I establiished a two way thrust with another domain, external, non-transitive. They seemed to be ok until this morning when I turned on the servers due to several power interruptions last night that was not monitored.

I noticed that the servers and the client PCs in my domain, cannot log-in to the domain. At first it takes a long time to load connection settings and a warning appears that some services failed to run during start up. Looking at the event viewer, Ievent ID 40960 lsasrv spnego is warned. Several netlogon errors and a time errror too. The MS exchange 2003 fails to start up and it says something about a compromise in the account security of windows in windows active directory. I suspect this has to do with a problem in the kerberos.

I tried to remove the trust between the two domains hoping to restore my domain but still the same errors/ warnings appear. I supect this has to do with the Kerberos Key Distribution Center Service (KDC) so I tried to restart the service, but still I didn't work. DCdiag is doing well in the domain controller, but netdiag in the other servers gives out a lot of errors to include unable to contact domain controller. I can ping and do nslookup.
0
Comment
Question by:ninzsantos
5 Comments
 
LVL 38

Accepted Solution

by:
ChiefIT earned 500 total points
ID: 21773309
Have you checked out this article?

http://support.microsoft.com/kb/891559/en-us
0
 

Author Comment

by:ninzsantos
ID: 21821082
Thanks for replying! I just want to closed this question we already resolved the problem.
0
 

Author Closing Comment

by:ninzsantos
ID: 31466495
Thanks again!!!
0
 
LVL 6

Expert Comment

by:rjunaid79
ID: 32640303
What was the resolution.
0
 

Expert Comment

by:ByZeitgeist
ID: 36203493
And? Where is fix solutions?
0

Join & Write a Comment

Suggested Solutions

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now