mjgardne
asked on
DCDIAG's kccevent test fails
Hello,
We have a very simple network with a single Microsoft Small Business Server 2003, which is acting as the DC and provides DNS, DHCP, SQL Server 2005, and IIS (as well as other) services. Our users are able to log in out of their desktop computers, but a web application that we are using will randomly fail AD authentication, even though the users can log into their workstations. I have been investigating this issue, which seems to be related to LDAP or DNS. When I ran DCDIAG, the kccevent test failed with the following message:
--------------------------
A Warning event occured. EventID: 0x800004C0
Event String: Internal event: An LDAP Client connection was closed because of an error.
Client Id: 12168
Additional Data: Error Value: 995. The I/O operation has been aborted because of either a thread exit or an application request.
--------------------------
I've cleared the Kerberos cache and have reviewed DNS configuration. When I do an nslookup on our DC object GUID._msdcs.OURDOMAIN.org,
I have scoured the Internet for ideas about how to correct the error that I've mentioned, but haven't found an answer for a simple, single DC situation. I am also unsure whether the results of my nslookup are correct. The first part seems good, but the non-authoritative answer seems strange to me. I'd really appreciate any help.
Thanks,
Mike
nslookuptest.txt
DNSInfo.jpg
We have a very simple network with a single Microsoft Small Business Server 2003, which is acting as the DC and provides DNS, DHCP, SQL Server 2005, and IIS (as well as other) services. Our users are able to log in out of their desktop computers, but a web application that we are using will randomly fail AD authentication, even though the users can log into their workstations. I have been investigating this issue, which seems to be related to LDAP or DNS. When I ran DCDIAG, the kccevent test failed with the following message:
--------------------------
A Warning event occured. EventID: 0x800004C0
Event String: Internal event: An LDAP Client connection was closed because of an error.
Client Id: 12168
Additional Data: Error Value: 995. The I/O operation has been aborted because of either a thread exit or an application request.
--------------------------
I've cleared the Kerberos cache and have reviewed DNS configuration. When I do an nslookup on our DC object GUID._msdcs.OURDOMAIN.org,
I have scoured the Internet for ideas about how to correct the error that I've mentioned, but haven't found an answer for a simple, single DC situation. I am also unsure whether the results of my nslookup are correct. The first part seems good, but the non-authoritative answer seems strange to me. I'd really appreciate any help.
Thanks,
Mike
nslookuptest.txt
DNSInfo.jpg
ChiefIT
Multihomed can certainly be an issue:
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Mike:
I don't think you are out of the woods yet. So, I would like to stick with you.
Multihomed servers could appear to work for a couple minutes, days, weeks months or years and not seem to have a problem. As soon as NIC one is busy, and your clients revert to NIC 2 or IP2, you will have the same problems.
Can you tell me what the seocnd nic is used for? Most domains one really need one nic per server. Disabling the Second NIC and eleviating the problems associated with a muli-homed server could prevent from future problems.
I don't think you are out of the woods yet. So, I would like to stick with you.
Multihomed servers could appear to work for a couple minutes, days, weeks months or years and not seem to have a problem. As soon as NIC one is busy, and your clients revert to NIC 2 or IP2, you will have the same problems.
Can you tell me what the seocnd nic is used for? Most domains one really need one nic per server. Disabling the Second NIC and eleviating the problems associated with a muli-homed server could prevent from future problems.