Solved

An LDAP client connection was closed because of an error.

Posted on 2008-06-13
4
4,339 Views
Last Modified: 2010-04-21
Hello,

We have a fully updated SBS 2003 server which has a an ASP application on it.  It is a simple environment with the SBS server and 17 workstations on a single domain.   Everything has been working well for the past year, but recently my users have been having problems logging into the ASP application.  When they try to log into the application (using AD authentication), they will be denied access and told that they have an invalid username or password.  If they log out of their computer, they can successfully log into the workstation with their credentials, but still not be able to log into the application.  If the user waits until the next day, they can log into the application.  If we change the user's password, they can log into the application.  I have been investigating this issue and enabled logging of login and logoff events and LDAP events, too.  When the user cannot log into the application, the following appears in the Event Log:
---------------------------------------------------------------------------------
Event Type:      Warning
Event Source:      NTDS LDAP
Event Category:      LDAP Interface
Event ID:      1216
Date:            6/13/2008
Time:            11:54:41 AM
User:            N/A
Computer:      CCSERVER
Description:
Internal event: An LDAP client connection was closed because of an error.
 Client ID:
11968
 Additional Data
Error value:
995 The I/O operation has been aborted because of either a thread exit or an application request.
Internal ID:
c0602efEvent Type:      Information
Event Source:      NTDS LDAP
Event Category:      LDAP Interface
Event ID:      1535
Date:            6/13/2008
Time:            11:29:17 AM
User:            NT AUTHORITY\SYSTEM
Computer:      CCSERVER
Description:
Internal event: The LDAP server returned an error.
 
Additional Data
Error value:
0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
      'CN=Dfs-Configuration,CN=System,DC=crossroadcounseling,DC=local'
------------------------------------------------------------------------------------------------



I ran dcdiag and kccevent failed:
-------------------------------------------------------------------------
      Starting test: kccevent
         * The KCC Event log test
         An Warning Event occured.  EventID: 0x800004C0
            Time Generated: 06/13/2008   12:38:42
            Event String: Internal event: An LDAP client connection was
closed because of an error.
Client ID:
12168
Additional Data
Error value:
995
The I/O operation has been aborted because of either a thread exit or an application request.
Internal ID:
c0602ef
         An Warning Event occured.  EventID: 0x800004C0
            Time Generated: 06/13/2008   12:40:43
            Event String: Internal event: An LDAP client connection was closed because of an error.
Client ID:
12145
Additional Data
Error value:
995
The I/O operation has been aborted because of either a thread exit or an application request.
Internal ID:
c0602ef
         An Warning Event occured.  EventID: 0x800004C0
            Time Generated: 06/13/2008   12:43:13
            Event String: Internal event: An LDAP client connection was closed because of an error.
Client ID:
11918
Additional Data
Error value:
995
The I/O operation has been aborted because of either a thread exit or an application request.
Internal ID:
c0602ef
         An Warning Event occured.  EventID: 0x800004C0
            Time Generated: 06/13/2008   12:44:43
            Event String: Internal event: An LDAP client connection was closed because of an error.
Client ID:
12076
Additional Data
Error value:
995
The I/O operation has been aborted because of either a thread exit or an application request.
Internal ID:
c0602ef
         ......................... CCSERVER failed test kccevent
-----------------------------------------------------------

I also ran repadmin and it reported the following error:

------------------------------------------------------------
Repadmin experienced the following error trying to resolve the DC_NAME: dc*
Error: An error occured:
    Win32 Error 8419(0x20e3): The DSA object could not be found.
-----------------------------------------------------------


Although I have gathered useful information, I have not been able to find any help online about resolving these issues.  I would really appreciate any suggestions.

Thank you,

Mike
0
Comment
Question by:mjgardne
  • 2
4 Comments
 
LVL 2

Expert Comment

by:artisticsoul
ID: 21784010
Do you only have the one server? Is this server a domain controller? At first look this seems to be DNS related. Has anything changed in DNS?

0
 

Author Comment

by:mjgardne
ID: 21784423
Hi,

Yes, it is a very simple network setup with a single Microsoft Small Business Server 2003, which is acting as the DC and provides DNS, DHCP, SQL Server 2005, and IIS (as well as other) services.  Our web app is hosted on this server.  

I looked in the Event Log's DNS tab and did not see any curent DNS warnings or errors, but in mid April there was a series of errors over a seven minute period, but then DNS was happy again...  Here are the errors.  Hopefully they help...

Thanks,

Mike



---------------------------------
Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4004
Date:            4/16/2008
Time:            1:07:08 PM
User:            N/A
Computer:      CCSERVER
Description:
The DNS server was unable to complete directory service enumeration of zone 16.168.192.in-addr.arpa.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00               *#..    

-------------------------
Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4004
Date:            4/16/2008
Time:            1:07:08 PM
User:            N/A
Computer:      CCSERVER
Description:
The DNS server was unable to complete directory service enumeration of zone _msdcs.crossroadcounseling.local.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00               *#..    

-----------------------------
Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4004
Date:            4/16/2008
Time:            1:07:08 PM
User:            N/A
Computer:      CCSERVER
Description:
The DNS server was unable to complete directory service enumeration of zone ..  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00               *#..    

----------------
Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4015
Date:            4/16/2008
Time:            1:07:08 PM
User:            N/A
Computer:      CCSERVER
Description:
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 51 00 00 00               Q...    
0
 
LVL 38

Accepted Solution

by:
ChiefIT earned 500 total points
ID: 21843277
4004 and 4015 errors usually result from missing the SRV records in DNS.

Try this:
At the command prompt type:
IPconfig /flushDNS
IPconfig /registerdns
Net stop netlogon
Net start netlogon
0
 

Author Closing Comment

by:mjgardne
ID: 31467095
... Nothing worked, so I rebuilt the server...  But, I think that ChiefIT was on the correct track...
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
heat agent push through GPO 2 34
Funa@india.com 6 394
Scan to email stopped working for 2 clients. 9 39
Can’t delete a file 14 83
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found listed in my profile here: http:…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now