Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

The Local Security Authority cannot be contacted

Posted on 2008-06-25
9
4,572 Views
Last Modified: 2009-04-16
hello,

If a domain user logs into our intranet it gets the message: The Local Security Authority cannot be contacted. This states that he can log in but something is wrong. Domain administrators do not get this message. The domain users are local admins on the webserver.
I have run the diagnosticstool:
 SPNs for CN=AFASDB01,CN=Computers,DC=APOLLO,DC=LOCAL:
  krbtgt/afasdb01
  krbtgt/afasdb01.apollo.local
  http/afasdb01.apollo.local
  http/afasdb01
  host/afasdb01.apollo.local
  host/afasdb01
  www/afasdb01.apollo.local
  www/afasdb01
 ServiceName = krbtgt APOLLO.LOCAL  
 TargetName = krbtgt APOLLO  
 ClientName = Administrator  
 DomainName = APOLLO.LOCAL
 TargetDomainName = APOLLO.LOCAL
 AltTargetDomainName = APOLLO.LOCAL
 Diagnostics complete

So this is al oke... The user is able to log in locally!
What am i missing?
0
Comment
Question by:blaadje
  • 5
  • 2
  • 2
9 Comments
 
LVL 2

Expert Comment

by:sirbob2000
ID: 21864779
have you tried the case 4 solution here;

http://support.microsoft.com/kb/813550
0
 
LVL 2

Expert Comment

by:sirbob2000
ID: 21864833
Also - what are your IIS authentication settings?
0
 
LVL 1

Author Comment

by:blaadje
ID: 21865194
integrated windows authentication
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 1

Author Comment

by:blaadje
ID: 21865232
i do not use ISA what is that?
0
 
LVL 1

Author Comment

by:blaadje
ID: 21897360
anyone??
0
 
LVL 1

Accepted Solution

by:
blaadje earned 0 total points
ID: 21923565
I found where the problem comes from. When i limit the user to only logon to the webserver it gives this error. When i let the user logon to all computers it works. But i dont want this... Is there a way to prefent this?
0
 

Expert Comment

by:Bobhardyoyo
ID: 24155908
Hi Blaadje

Did you ever find a way to get this to work with out allowing logon to all computers, I am in the same situation.

Thanks
Bob
0
 
LVL 1

Author Comment

by:blaadje
ID: 24155930
nope this is the only solution i have found. its crap i know but it works
0
 

Expert Comment

by:Bobhardyoyo
ID: 24156102
That's a shame, seems a bit nuts you have to open up like that to allow access to a website but as you say at least it works.

Thanks for getting back to me so fast!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What is an ISAPI filter?   •      It's an assembly (.dll file) that can add or change the way IIS works.   •      They can be enabled globally for your web server or on a site-by-site basis.   When the IIS server receives a request, enabling the ISAPI fi…
Lync server 2013 or Skype for business Backup Service Error ID 4049 – After File Share Migration
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question