Solved

Error connecting to workstation

Posted on 2008-10-13
10
305 Views
Last Modified: 2010-04-21
SBS 2003 shows the events below on only one of about 30 workstations on our LAN.
It shows this every morning when the operator logs on.

The workstation [referred to in the error messages as "XXXX"] is running XP Pro SP3.

This workstation is the only workstation that shows the correct [real world] time. Even our servers are about 17 minutes ahead of real time as are all of the other workstations. There is some problem that has existed for years that keeps our system at +17 minutes. It has never been a problem...just a little pain.

I can find nothing on the workstation that would account for this discrepancy in the time.
There is no problem with this workstation connecting to the LAN or Internet. There are no hardware issues.

The time thing is one part of the issue.
The other part is that the error messages keep referring to XXXX as a "server".
That bothers me.
I have never seen any of the other workstations referred to as a server on our LAN.

Is there a reason for concern?
Is it possible that this workstation is trying to work as a server in some capacity, maybe as a bot?
I have run SpywareDoctor, Spybot S&D, Adaware, HijackThis, & RootKit Revealer and found nothing.



Event Type:	Error

Event Source:	Kerberos

Event Category:	None

Event ID:	5

Date:		10/13/2008

Time:		7:41:45 AM

User:		N/A

Computer:	[SERVER]

Description:

The kerberos client received a KRB_AP_ERR_TKT_NYV error from the server XXXX$.  This indicates that the ticket used against that server is not yet valid (in relationship to that server time).  Contact your system administrator  to make sure the client and server times are in sync, and that the KDC in realm DOMAIN.OFFICE is  in sync with the KDC in the client realm.
 

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
 
 

Event Type:	Warning

Event Source:	LSASRV

Event Category:	SPNEGO (Negotiator) 

Event ID:	40960

Date:		10/13/2008

Time:		7:41:46 AM

User:		N/A

Computer:	[SERVER]

Description:

The Security System detected an authentication error for the server cifs/ XXXX.DOMAIN.office.  The failure code from authentication protocol Kerberos was "{Operation Failed}

The requested operation was unsuccessful.

 (0xc0000001)".
 

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Data:

0000: 01 00 00 c0               ...À    
 
 
 

Event Type:	Warning

Event Source:	LSASRV

Event Category:	SPNEGO (Negotiator) 

Event ID:	40960

Date:		10/13/2008

Time:		8:01:48 AM

User:		N/A

Computer:	[SERVER]

Description:

The Security System detected an authentication error for the server cifs/ XXXX.  The failure code from authentication protocol Kerberos was "{Operation Failed}

The requested operation was unsuccessful.

 (0xc0000001)".
 

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Data:

0000: 01 00 00 c0               ...À

Open in new window

0
Comment
Question by:Horn E. Towed
  • 5
  • 2
  • 2
  • +1
10 Comments
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22703775
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22703779
IIS 6.0: DCPROMO Does Not Retain Permissions on Some IIS Folders
http://support.microsoft.com/?kbid=332097
0
 
LVL 10

Author Comment

by:Horn E. Towed
ID: 22704199
Sort of a "shotgun blast" approach to anything than might refer to part of the problem, huh?

Most of that ^ doesn't refer to my issues at all.   :-\


0
 
LVL 16

Accepted Solution

by:
GUEEN earned 300 total points
ID: 22706900
This is easy!  My advice to you is to get your servers straight with a time server first, then the workstations need to be addressed.

Next you need to be sure that your server time is syncing correctly with a time server - this is of utmost importance for time stamps, etc...
http://support.microsoft.com/kb/816042

net time /domain:[domainname] on each workstation - see http://windowsitpro.com/article/articleid/72203/jsi-tip-0879-net-time--domaindomainname-does-not-work-as-expected.html


 

0
 
LVL 2

Assisted Solution

by:SAIonline
SAIonline earned 197 total points
ID: 22707058
The default time difference Kerberos will allow is 5 minutes.  I would say set the time on the affected PC to within 5 minutes of the server and that should clear the 40960 error.  

cmd - Net Time \\"servername" /SET should match the pc to the server

Then go with the first link from Shekerra to set the overall time.  
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 10

Author Comment

by:Horn E. Towed
ID: 22707830
We have had people look at the time thing before I got served these servers.
They were unable to find the problem.

I'll look into it bit more tomorrow or when  I get the time.

I still don't understand why this one workstation does not sync with the servers' time, though.
All of the others do.

Also what is the deal with the server calling this workstation a server?
0
 
LVL 10

Author Comment

by:Horn E. Towed
ID: 22711585
No time to address this today.
I have Exchange issues [and so does the server]

I'll be back.
0
 
LVL 16

Expert Comment

by:GUEEN
ID: 22711942
I absolutely hate this editor - grrrrrrrrrr.
Too many times when I attempt to paste a link here it deletes all prior information...  

Maybe you just need a hotfix


Or maybe it is a registry setting?
\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters
MaintainServerList

change value to    NO
0
 
LVL 10

Author Comment

by:Horn E. Towed
ID: 22761906
ping
0
 
LVL 10

Author Closing Comment

by:Horn E. Towed
ID: 31505598
We got the time thing straightened out somehow.
Good info from shek & good Kerberos info from SAI.
Both helped. Gracias!
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now