dyndragon91
asked on
Kerberos event id 7 + netlogon event id 5719 errors, domain workstation unable to log on
Hi all,
Recently I've had several workstations come up with these event error logs (in chronological order):
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5719
Date: 5/14/2009
Time: 11:19:50 AM
User: N/A
Computer: ABBOTT-MAIN
Description:
No Domain Controller is available for domain ABBOTT due to the following:
The RPC server is unavailable. .
Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 17 00 02 c0 ...
Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 7
Date: 5/14/2009
Time: 11:47:06 AM
User: N/A
Computer: ABBOTT-MAIN
Description:
The kerberos subsystem encountered a PAC verification failure. This indicates that the PAC from the client ABBOTT-MAIN$ in realm ABBOTT.LOCAL had a PAC which failed to verify or was modified. Contact your system administrator.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 5e 00 00 c0 ^..
I've read a few other topics and have tried re-syncing w32time to make sure all the clocks match, but I'm out of ideas at this point. The one workstation can't even log in, but if I check the system logs off of the domain (where it's able to log on) I don't see any errors when its trying to log on. On other workstations that are already logged in (and I don't dare log them out) i see those two errors in the system log. Also, I don't happen to see anything awry on the SBS 2003 server system logs either.
Any help would be greatly appreciated!
--Hans
Recently I've had several workstations come up with these event error logs (in chronological order):
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5719
Date: 5/14/2009
Time: 11:19:50 AM
User: N/A
Computer: ABBOTT-MAIN
Description:
No Domain Controller is available for domain ABBOTT due to the following:
The RPC server is unavailable. .
Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 17 00 02 c0 ...
Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 7
Date: 5/14/2009
Time: 11:47:06 AM
User: N/A
Computer: ABBOTT-MAIN
Description:
The kerberos subsystem encountered a PAC verification failure. This indicates that the PAC from the client ABBOTT-MAIN$ in realm ABBOTT.LOCAL had a PAC which failed to verify or was modified. Contact your system administrator.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 5e 00 00 c0 ^..
I've read a few other topics and have tried re-syncing w32time to make sure all the clocks match, but I'm out of ideas at this point. The one workstation can't even log in, but if I check the system logs off of the domain (where it's able to log on) I don't see any errors when its trying to log on. On other workstations that are already logged in (and I don't dare log them out) i see those two errors in the system log. Also, I don't happen to see anything awry on the SBS 2003 server system logs either.
Any help would be greatly appreciated!
--Hans
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I will give this a shot and report back. I'm not at this site for a day or two.
ASKER
Odd thing. Now I plug in the workstation that couldn't log in before and it works with no problems. ????! I'm dreading rootcausing this. What might cause these issues?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This is a one PDC domain, so even if I was using WINS and DNS, there's only one domain server to resolve to and it's set to be a static IP address. In any case, I'm not using WINS as far as I know.
I did actually double check to make sure the bios time was set correctly. I know that you can get auth failures if the time is off, so that was the first thing I checked. I'm starting to think that one of the network switches might be on the fritz.
Still investigating...thanks for the tips.
I did actually double check to make sure the bios time was set correctly. I know that you can get auth failures if the time is off, so that was the first thing I checked. I'm starting to think that one of the network switches might be on the fritz.
Still investigating...thanks for the tips.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Good troubleshooting steps and it worked.
ASKER