ISA 2006 problems
I have ISA server 2006 sp1 on windows 2003 sp2 working in Active directory Domain
having the errors
Kerberos Event ID 4 and Event ID 5719 Authentication failure ( tried to test with \\domain name\sysvol\domain name give logon failure)
puplished exchange server donot work ( out side users web logon or pop3 report that they cannot access the mail and keep asking about the password again and again all internal users have no problems working with MAPI and connected directly to exchange server) I think this problem related to the event ID 4 and 5719
All internal users can access internet without problem
all other servers have no problem related to Active directory domain controllers or member servers
having the errors
Kerberos Event ID 4 and Event ID 5719 Authentication failure ( tried to test with \\domain name\sysvol\domain name give logon failure)
puplished exchange server donot work ( out side users web logon or pop3 report that they cannot access the mail and keep asking about the password again and again all internal users have no problems working with MAPI and connected directly to exchange server) I think this problem related to the event ID 4 and 5719
All internal users can access internet without problem
all other servers have no problem related to Active directory domain controllers or member servers
ChiefIT
How many nics do you have?
ASKER
I have 2 NICs Cars
That might be the issue, instead of ISA.
Nics bind certain services and communications protocols to it. So, if you have two nics, the server might be confused.
ISA is a prolific firewall that will block connections unless configured right. However, if two nics are on the server, you may be looking at the server looking happy, but is confused as to what nic it needs to go out on for proper communications. Usually when I see the error of 5719, it means that the server is confused as to what nic it needs to go out on for these services, while the client is hounding it for services. Also, it could mean that you are using 2003 server SP1 and the MTU channels are incorrect.
Let me give you a thread to go to. This will allow you to look at the communications protocols needed for domain services. This includes, DHCP, DNS, netbios and internet services through a gateway. Please follow the steps to configuring both nics. If at all possible, disable the second nic thereafter. Only one connection to a small domain of, let's say 250 nodes or less, is needed.
https://www.experts-exchange.com/questions/23806816/How-do-I-enable-DHCP-on-only-one-network-interface.html
Nics bind certain services and communications protocols to it. So, if you have two nics, the server might be confused.
ISA is a prolific firewall that will block connections unless configured right. However, if two nics are on the server, you may be looking at the server looking happy, but is confused as to what nic it needs to go out on for proper communications. Usually when I see the error of 5719, it means that the server is confused as to what nic it needs to go out on for these services, while the client is hounding it for services. Also, it could mean that you are using 2003 server SP1 and the MTU channels are incorrect.
Let me give you a thread to go to. This will allow you to look at the communications protocols needed for domain services. This includes, DHCP, DNS, netbios and internet services through a gateway. Please follow the steps to configuring both nics. If at all possible, disable the second nic thereafter. Only one connection to a small domain of, let's say 250 nodes or less, is needed.
https://www.experts-exchange.com/questions/23806816/How-do-I-enable-DHCP-on-only-one-network-interface.html
ASKER
The 2 NICs one for wan connection and the other is for Lan as its working as ISA server this can't be a problem as the ISA manage connections
Go to the command prompt and type:
Ipconfig /flushDNS
Net stop netlogon
Net start netlogon
Then, verify your SRV records in DNS are not pointing to the OUTSIDE nic.
Ipconfig /flushDNS
Net stop netlogon
Net start netlogon
Then, verify your SRV records in DNS are not pointing to the OUTSIDE nic.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This is best resolved in Exchange zone under a new question. You should accept your answer ID: 24405552 for this question to get a refund of points, then open up a new question for exchange. If Mestha/Simon replies, your looking at one of the best exchange administrators I have ever seen.