asked on
Exchange 2003 machine account fail due to major date shift
Considering it's a monday, I'm not expecting good news.
Last week, an admin inadvertently rolled back the date on some of our DC's and Exchange servers, setting it back several months. Once we started seeing errors across the network we reset the clocks on most of the servers and most of them have stabilized. Had to reset machine accounts on the DC's. One of the exchange servers is still down.
Netlogon errors: Event ID 3210
This computer could not authenticate with <DC>
LSASRV errors: Event ID: 40960
The Security System detected an authentication error for the server <SERVER>. The failure code from authentication protocol Kerberos was "The attempted logon is invalid. This is either due to a bad username or authentication information.
(0xc000006d)".
Exchange Information store, Exchange MTA Stacks services, and Exchange system attendant services will not start. Attempting to start Sys Att service results in the mention 40960 event.
The DC is posting Netlogon Event ID 5722
The session setup from the computer <SERVER> failed to authenticate. Access is denied.
If I've read correctly, removing the Exchange server from the domain to re-add it is a last ditch to try and return things to proper operation and likely won't work out for the best. Is there another option for trying to fix this?
Last week, an admin inadvertently rolled back the date on some of our DC's and Exchange servers, setting it back several months. Once we started seeing errors across the network we reset the clocks on most of the servers and most of them have stabilized. Had to reset machine accounts on the DC's. One of the exchange servers is still down.
Netlogon errors: Event ID 3210
This computer could not authenticate with <DC>
LSASRV errors: Event ID: 40960
The Security System detected an authentication error for the server <SERVER>. The failure code from authentication protocol Kerberos was "The attempted logon is invalid. This is either due to a bad username or authentication information.
(0xc000006d)".
Exchange Information store, Exchange MTA Stacks services, and Exchange system attendant services will not start. Attempting to start Sys Att service results in the mention 40960 event.
The DC is posting Netlogon Event ID 5722
The session setup from the computer <SERVER> failed to authenticate. Access is denied.
If I've read correctly, removing the Exchange server from the domain to re-add it is a last ditch to try and return things to proper operation and likely won't work out for the best. Is there another option for trying to fix this?
ExchangeWindows Server 2003Active Directory
Last Comment
Mestha
ASKER
Thanks for the reply
So to be clear,
reset the account in AD/U&C, then move the server to a workgroup, reboot, re-join domain?
So to be clear,
reset the account in AD/U&C, then move the server to a workgroup, reboot, re-join domain?
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
can only logon with the local admin account so I don't see any problems there.
Will post when I have a chance to make the changes, thanks again, fingers crossed.
Will post when I have a chance to make the changes, thanks again, fingers crossed.
To avoid damage to Exchange, make sure that you have shutdown and disabled the Exchange services before touching the domain membership.
Simon.
Simon.
If you instead reset the account, then re-join the server to the domain it should work though.