• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2125
  • Last Modified:

How does one resolve the NEGOTIATE_DOWNGRADE_DETECTED error message (Event ID 40960) in Windows Xp Pro?

I have an HP Compaq nc6120 running Windows Xp sp3. All windows updates are installed. Yesterday, while the user was working remotely from home could not log into it because she claimed it would not boot up. I have not been able to duplicate that boot up issue. This morning when I examined event viewer on it I found Even ID 40960 "NEGOTIATE_DOWNGRADE_DETECTED" How do I resolve this issue?
0
cheyliger
Asked:
cheyliger
  • 5
  • 4
1 Solution
 
Adam LeinssSenior Desktop EngineerCommented:
Do you have the complete error message?  This sounds like it wanted to use Kerberos, but downgraded back to NTLM, but without the complete error message, it's anyone's guess.
0
 
cheyligerAuthor Commented:
I'm currently running a windows repair on it. As soon as it's finished I'll provide you with the complete error msg.
0
 
cheyligerAuthor Commented:
Aleinss,

Here is the exact error msg "The Security System detected an attempted downgrade attack for server DNS/cbru.br.ns.els-gms.att.net. The failure code authentication protocol Kerberos was "Ther are currently no logon servers available to service the logon request.
(0xc00005e)".
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
Adam LeinssSenior Desktop EngineerCommented:
Check the time between client and server as given here:
http://www.experts-exchange.com/Networking/Misc/Q_21107740.html
Run GPEDIT.MSC
Under Computer Configuration>Windows Settings>Local Policies>Security Options
Make sure the responds are sent to NTLM V2 only
http://www.aas.duke.edu/asist/techstaff/pc/AD/NTLMv2/lmcompatibilitylevel.gif 
0
 
cheyligerAuthor Commented:
I just wanted to take this opportunity to inform you that this issue occured while the laptop was not in the domain. It happened while the user was using it remotely from home.
0
 
Adam LeinssSenior Desktop EngineerCommented:
So she wasn't VPNing in to the domain, but was using it disconnected from your network?  If so, then that error message is probably normal.
When you said it wouldn't boot up, I thought you were referring to get to the login screen, but not getting past that, but if you had to run a repair on the OS, it sounds like something got corrupted in the operating system.
0
 
cheyligerAuthor Commented:
Aleinss,

The user was attempting to use the laptop from home she claimed that she couldn't even get to the logon screen.  However, when she brought the laptop to the office and gave it  to me I was able to power it up and run a Full virus scan without it being connected to the network. Later I was able to successfully defragment the harddrive and later run windows repair without any reoccurence of the issue.
0
 
Adam LeinssSenior Desktop EngineerCommented:
I think your course of action was correct...the error just means it couldn't contact the DC and if she wasn't using VPN, that would be a normal error that would get logged.

It won't cause the laptop not to boot.
0
 
cheyligerAuthor Commented:
I agree with your accessment. I was just reporting what she reported to me. I'm of the opinion that if she couldn't get the laptop to bootup, it would have occured at least once when I was working on it. As I've rebooted it at least 10 times today without any problems. I've since returned it to the user.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now