?
Solved

Error connecting to workstation

Posted on 2008-10-13
10
Medium Priority
?
312 Views
Last Modified: 2010-04-21
SBS 2003 shows the events below on only one of about 30 workstations on our LAN.
It shows this every morning when the operator logs on.

The workstation [referred to in the error messages as "XXXX"] is running XP Pro SP3.

This workstation is the only workstation that shows the correct [real world] time. Even our servers are about 17 minutes ahead of real time as are all of the other workstations. There is some problem that has existed for years that keeps our system at +17 minutes. It has never been a problem...just a little pain.

I can find nothing on the workstation that would account for this discrepancy in the time.
There is no problem with this workstation connecting to the LAN or Internet. There are no hardware issues.

The time thing is one part of the issue.
The other part is that the error messages keep referring to XXXX as a "server".
That bothers me.
I have never seen any of the other workstations referred to as a server on our LAN.

Is there a reason for concern?
Is it possible that this workstation is trying to work as a server in some capacity, maybe as a bot?
I have run SpywareDoctor, Spybot S&D, Adaware, HijackThis, & RootKit Revealer and found nothing.



Event Type:	Error
Event Source:	Kerberos
Event Category:	None
Event ID:	5
Date:		10/13/2008
Time:		7:41:45 AM
User:		N/A
Computer:	[SERVER]
Description:
The kerberos client received a KRB_AP_ERR_TKT_NYV error from the server XXXX$.  This indicates that the ticket used against that server is not yet valid (in relationship to that server time).  Contact your system administrator  to make sure the client and server times are in sync, and that the KDC in realm DOMAIN.OFFICE is  in sync with the KDC in the client realm.
 
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
 
 
Event Type:	Warning
Event Source:	LSASRV
Event Category:	SPNEGO (Negotiator) 
Event ID:	40960
Date:		10/13/2008
Time:		7:41:46 AM
User:		N/A
Computer:	[SERVER]
Description:
The Security System detected an authentication error for the server cifs/ XXXX.DOMAIN.office.  The failure code from authentication protocol Kerberos was "{Operation Failed}
The requested operation was unsuccessful.
 (0xc0000001)".
 
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 01 00 00 c0               ...À    
 
 
 
Event Type:	Warning
Event Source:	LSASRV
Event Category:	SPNEGO (Negotiator) 
Event ID:	40960
Date:		10/13/2008
Time:		8:01:48 AM
User:		N/A
Computer:	[SERVER]
Description:
The Security System detected an authentication error for the server cifs/ XXXX.  The failure code from authentication protocol Kerberos was "{Operation Failed}
The requested operation was unsuccessful.
 (0xc0000001)".
 
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 01 00 00 c0               ...À

Open in new window

0
Comment
Question by:Prester John
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
  • 2
  • +1
10 Comments
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22703779
IIS 6.0: DCPROMO Does Not Retain Permissions on Some IIS Folders
http://support.microsoft.com/?kbid=332097
0
 
LVL 10

Author Comment

by:Prester John
ID: 22704199
Sort of a "shotgun blast" approach to anything than might refer to part of the problem, huh?

Most of that ^ doesn't refer to my issues at all.   :-\


0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 16

Accepted Solution

by:
GUEEN earned 1200 total points
ID: 22706900
This is easy!  My advice to you is to get your servers straight with a time server first, then the workstations need to be addressed.

Next you need to be sure that your server time is syncing correctly with a time server - this is of utmost importance for time stamps, etc...
http://support.microsoft.com/kb/816042

net time /domain:[domainname] on each workstation - see http://windowsitpro.com/article/articleid/72203/jsi-tip-0879-net-time--domaindomainname-does-not-work-as-expected.html


 

0
 
LVL 2

Assisted Solution

by:SAIonline
SAIonline earned 788 total points
ID: 22707058
The default time difference Kerberos will allow is 5 minutes.  I would say set the time on the affected PC to within 5 minutes of the server and that should clear the 40960 error.  

cmd - Net Time \\"servername" /SET should match the pc to the server

Then go with the first link from Shekerra to set the overall time.  
0
 
LVL 10

Author Comment

by:Prester John
ID: 22707830
We have had people look at the time thing before I got served these servers.
They were unable to find the problem.

I'll look into it bit more tomorrow or when  I get the time.

I still don't understand why this one workstation does not sync with the servers' time, though.
All of the others do.

Also what is the deal with the server calling this workstation a server?
0
 
LVL 10

Author Comment

by:Prester John
ID: 22711585
No time to address this today.
I have Exchange issues [and so does the server]

I'll be back.
0
 
LVL 16

Expert Comment

by:GUEEN
ID: 22711942
I absolutely hate this editor - grrrrrrrrrr.
Too many times when I attempt to paste a link here it deletes all prior information...  

Maybe you just need a hotfix


Or maybe it is a registry setting?
\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters
MaintainServerList

change value to    NO
0
 
LVL 10

Author Comment

by:Prester John
ID: 22761906
ping
0
 
LVL 10

Author Closing Comment

by:Prester John
ID: 31505598
We got the time thing straightened out somehow.
Good info from shek & good Kerberos info from SAI.
Both helped. Gracias!
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question