Can't logon SBS domain

We have a Windows 2003 SBS and other two Terminal servers. No one cant logon the TS using RDC over the Internet or over VPN. When we try, we will receive this error: "The system cannot log you on due to the following error: Access is denied".

However, we can local the TS using local computer username. We can also logon the SBS using domain account. But no computer including SBS can access the Internet.

What we have done:
1. Rebooted all servers.
2. Rebooted all hardware such as router and switch.
3. Run netdiag and dcdiag. No errors.
4. nslookup doesn't show any errors and we can ping any web sites.
5. We have tried clean boot.
6. We have run CEICW
7. The TS have the following Event ID
Event ID: 1219 - Logon rejected for chicagotech\BobLin. Unable to obtain Terminal Server User Configuration. Error: Access is denied.

Event ID: 40960 - The Security System detected an authentication error for the server LDAP/domainname. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.

(0xc000005e)".

What could be the problem?
LVL 7
blin2000Asked:
Who is Participating?
 
blin2000Connect With a Mentor Author Commented:
I have opened a case with Microsoft. Here is the case link: Unable to login to 2003 Terminal Servers - http://www.chicagotech.net/netforums/viewtopic.php?p=9618#9618
0
 
acromentConnect With a Mentor Commented:
Are your servers up to date with patches, service packs, and updates?

Also, can you confirm that all services set to start automaticlly are started?

-Eric
0
 
ormerodrutterCommented:
Have you put your users into the Mobile Users (or Remote Desktop Users) group?

You said in your question - "But no computer including SBS can access the Internet." is it another issue? No one has internet within your SBS network, or no one can log onto the TS?


0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
blin2000Author Commented:
1. We can't access the internet so that we can't install any update.
2. I have checked all services are starting and no errors in the event viewer relatd to any services stpped.
3. Yes all users are mobile users and I log on use administrator account.
4. I have feeling can't logon and no internet access are the same issue.
5. I can VPN in to the office to logon TS using local computer account.

Any other suggestions.
0
 
ormerodrutterCommented:
If you can logon to TS locally but not remotely, and you don't have internet access in the office then the two can be related, although not definite. Do you have internet access before?

Check your physical connection again, I have seen case where people plug their modem in an empty socket. Make sure you have broadband activated on the line. Open the configuration page of your router/modem and see if you got signal.
0
 
acromentCommented:
What is your internet setup like?

What kind of firewall are you using?
When you run the CEIC wizard, does it give you any errors?

On your server, from a command prompt, can you run IPconfig /all and make sure that the default gateway is your firewall and that the DNS server is set to be your SBS server.

-Eric
0
 
blin2000Author Commented:
1. Yes, we did have the INternet access.
2. Event the inside compuetrs can't access the Internet, i can VPN in and I can ping any web sites.
3. No error message when running CEICW.
4. No one in the office until the weekend.

Here are the results of ipconfig /all and tracert on the SBS.

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

H:\>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SBS
   Primary Dns Suffix  . . . . . . . : chicagotech.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : chicagotech.local

PPP adapter RAS Server (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
   Physical Address. . . . . . . . . : 00-53-45-00-00-00
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 10.88.78.116
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Server Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-0E-0C-3E-B2-7E
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 10.88.78.220
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.88.78.1
   DNS Servers . . . . . . . . . . . : 10.88.78.220
   Primary WINS Server . . . . . . . : 10.88.78.220

H:\>tracert chicagotech.net

Tracing route to chicagotech.net [69.89.25.174]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  10.88.78.1
  2    30 ms     5 ms     7 ms  c-3-0-ubr01.maynard.ma.boston.comcast.net [73.17
1.192.1]
  3     5 ms     8 ms     6 ms  ge-2-3-ur01.londonderry.nh.boston.comcast.net [6
8.86.227.225]
  4     8 ms     7 ms     7 ms  te-9-2-ar01.needham.ma.boston.comcast.net [68.87
.146.194]
  5    10 ms    11 ms    10 ms  68.85.162.70
  6    14 ms    13 ms    14 ms  pos-1-6-0-0-cr01.newyork.ny.ibone.comcast.net [6
8.86.90.61]
  7    13 ms    14 ms    14 ms  te2-6.mpd01.jfk05.atlas.cogentco.com [154.54.12.
205]
  8    15 ms    13 ms    14 ms  te8-4.ccr01.jfk02.atlas.cogentco.com [154.54.5.2
09]
  9    22 ms     *        *     te2-4.mpd01.bos01.atlas.cogentco.com [154.54.5.2
49]
 10    40 ms    41 ms    42 ms  te2-2.mpd01.ord01.atlas.cogentco.com [154.54.6.1
8]
 11    52 ms    51 ms    52 ms  te9-8.mpd01.mci01.atlas.cogentco.com [154.54.7.1
38]
 12    62 ms    64 ms    64 ms  te4-4.mpd01.den01.atlas.cogentco.com [154.54.24.
81]
 13   101 ms   101 ms   101 ms  te4-2.ccr01.slc01.atlas.cogentco.com [154.54.0.4
2]
 14   102 ms   103 ms   102 ms  vl3504.na31.b020767-1.slc01.atlas.cogentco.com [
38.20.34.178]
 15   103 ms   104 ms   103 ms  38.104.174.30
 16   103 ms   104 ms   103 ms  box174.bluehost.com [69.89.25.174]

Trace complete.

0
 
blin2000Author Commented:
fixed by opening a case with MS.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.