?
Solved

LDAP Bind Unsuccessful

Posted on 2010-09-20
9
Medium Priority
?
803 Views
Last Modified: 2012-05-10
Have 1  Exchange 2003 sp2 server, (not a DC).  Have 2 DC’s that are also GC’s.  Every 15 minutes or so receive errors in Event Viewer.  Errors are 8026 and 8260 (LDAP Bind was unsuccessful… and Could not open LDAP session…). During these errors, members are unable to open Outlook accounts.  Also getting Event ID: 2102, (all domain controllers are not responding). Also ID: 8250 (the win32 api call 'dsgetdcnamew' returned error code [0x54b])
Both DC’s are up and running fine. Can ping from exchange and run LDP and bind to them.
Ran following:
Dcdiags: all tests pass
Dnslint: all ok
SeSecurityPrivelige is ok(Exchange Enterprise servers listed under manage and security log)
ExBPA: there is an update for NIC’s,
Exchange NIC’s have the proper DNS and Wins listed
Could NIC’s needing update cause problems like this?
0
Comment
Question by:harold mcmullen
  • 5
  • 3
9 Comments
 
LVL 3

Expert Comment

by:yducerf
ID: 33717145
That looks like DNS errors.
Make sure that you are using ONLY domain controllers for DNS. There should be no external DNS servers anywhere in the network configuration of any machine on the network. If you need to use external DNS to get effective external DNS resolution, then use forwarders on the DNS server applet on the domain controllers.

Also check for effective replication of the AD DNS zones on the domain controllers, as the error you are seeing is looking at the AD zone.

0
 
LVL 4

Author Comment

by:harold mcmullen
ID: 33717517
there are no external DNS entries and replication is fine across DC AD DNS zones
0
 
LVL 3

Expert Comment

by:yducerf
ID: 33717675
could you diag with these tool
NETDIAG and DCDIAG
There's probably a big mistake somewhere here
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 4

Author Comment

by:harold mcmullen
ID: 33717878
saw no problems on either.  dcdiag all pass and netdiag shows no errors
0
 
LVL 4

Author Comment

by:harold mcmullen
ID: 33717882
but i agree that there is a big mistake somewhere, just pullin' hair trying to figure out
0
 
LVL 26

Expert Comment

by:e_aravind
ID: 33718262
Do you want to
a) check the AD-Sites binded/mapped for the the DCs/Exchange servers
b) stop. the AV services
0
 
LVL 4

Author Comment

by:harold mcmullen
ID: 33718931
have already disabled AV services prior w/ no result (Symantec Endpoint) and Exchange server is bound to DC's on both port 389 and 3268 (as each Dc is also GC)
0
 
LVL 3

Expert Comment

by:yducerf
ID: 33722773
Have you try to upgrade your nic or eventually to disable teaming if exists ?
0
 
LVL 4

Accepted Solution

by:
harold mcmullen earned 0 total points
ID: 33770352
the problem was a dual nic architecture (not teamed) that had a default gateway listed on both nics. It was the same default gateway, but apparently only needed on one of the nics, not listed on both. example:
 nic 1                                                         nic 2
static ip:  10.1.777.72                              10.1.777.73
subnet:   255.255.255.0                           255.255.255.0
gateway: 10.1.777.1                                leave blank

well, though i feel stupid, maybe this will help someone else with this problem. thank you to all who sent their suggested fixes.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Stellar Exchange Toolkit: this 5 in 1 toolkit comes loaded with mega-software tool. Here’s an introduction to tools’ usage and advantages:
In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question