Solved

LDAP Bind Unsuccessful

Posted on 2010-09-20
9
795 Views
Last Modified: 2012-05-10
Have 1 Exchange 2003 SP2 server (not a DC). Have 2 DCs that are also GCs. Every 15 minutes or so receive errors in Event Viewer. Errors are 8026 and 8260 (LDAP Bind was unsuccessful… and Could not open LDAP session…). During these errors, members are unable to open Outlook accounts. Also getting Event ID: 2102 (all domain controllers are not responding). Also ID: 8250 (the win32 api call 'dsgetdcnamew' returned error code [0x54b]).
Both DCs are up and running fine. Can ping from Exchange and run LDP and bind to them.
Ran the following:
Dcdiag: all tests pass
Dnslint: all ok
SeSecurityPrivilege is ok (Exchange Enterprise Servers listed under manage and security log)
ExBPA: there is an update for NICs
Exchange NICs have the proper DNS and WINS listed
Could NICs needing update cause problems like this?
Question by:Harold_acld
9 Comments
 
LVL 3

Expert Comment

by:yducerf
ID: 33717145
That looks like DNS errors.
Make sure that you are using ONLY domain controllers for DNS. There should be no external DNS servers anywhere in the network configuration of any machine on the network. If you need to use external DNS to get effective external DNS resolution, then use forwarders on the DNS server applet on the domain controllers.

Also check for effective replication of the AD DNS zones on the domain controllers, as the error you are seeing is looking at the AD zone.

0
 
LVL 4

Author Comment

by:Harold_acld
ID: 33717517
there are no external DNS entries and replication is fine across DC AD DNS zones
0
 
LVL 3

Expert Comment

by:yducerf
ID: 33717675
Could you diagnose with these tools:
NETDIAG and DCDIAG
There's probably a big mistake somewhere here
0
 
LVL 4

Author Comment

by:Harold_acld
ID: 33717878
saw no problems on either.  dcdiag all pass and netdiag shows no errors
0

 
LVL 4

Author Comment

by:Harold_acld
ID: 33717882
but i agree that there is a big mistake somewhere, just pullin' hair trying to figure out
0
 
LVL 26

Expert Comment

by:e_aravind
ID: 33718262
Do you want to
a) check the AD Sites bound/mapped for the DCs/Exchange servers
b) stop the AV services
0
 
LVL 4

Author Comment

by:Harold_acld
ID: 33718931
have already disabled AV services prior w/ no result (Symantec Endpoint) and Exchange server is bound to DC's on both port 389 and 3268 (as each Dc is also GC)
0
 
LVL 3

Expert Comment

by:yducerf
ID: 33722773
Have you tried to upgrade your NIC, or eventually to disable teaming if it exists?
0
 
LVL 4

Accepted Solution

by:
Harold_acld earned 0 total points
ID: 33770352
the problem was a dual nic architecture (not teamed) that had a default gateway listed on both nics. It was the same default gateway, but apparently only needed on one of the nics, not listed on both. example:
              nic 1            nic 2
static ip:    10.1.777.72      10.1.777.73
subnet:       255.255.255.0    255.255.255.0
gateway:      10.1.777.1       leave blank

well, though i feel stupid, maybe this will help someone else with this problem. thank you to all who sent their suggested fixes.
0
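A check for the misconfiguration described in the accepted solution, as an added example that is not part of the original thread: it parses `ipconfig /all` text and reports when more than one adapter carries a default gateway. The sample output, host name, adapter names and addresses are constructed, and the parser assumes the English, IPv4-only output format.

```python
import re

# Constructed sample of `ipconfig /all` output (names and addresses are made up).
SAMPLE = """\
   Host Name . . . . . . . . . . . . : EXCH01

Ethernet adapter NIC 1:

   IP Address. . . . . . . . . . . . : 10.1.7.72
   Default Gateway . . . . . . . . . : 10.1.7.1
   DNS Servers . . . . . . . . . . . : 10.1.7.10
                                       10.1.7.11

Ethernet adapter NIC 2:

   IP Address. . . . . . . . . . . . : 10.1.7.73
   Default Gateway . . . . . . . . . : 10.1.7.1
"""

ADAPTER = re.compile(r"^(\S.*adapter .+):\s*$")          # unindented section header
FIELD = re.compile(r"^\s+([A-Za-z][^:]*?)[ .]*:\s*(.*)$")  # "Key . . . : value"

def parse_adapters(text):
    """Return {adapter name: {field: [values]}} from ipconfig /all text."""
    adapters, current, last = {}, None, None
    for line in text.splitlines():
        m = ADAPTER.match(line)
        if m:
            current, last = adapters.setdefault(m.group(1), {}), None
            continue
        if current is None or not line.strip():
            continue  # host-level settings and blank lines
        m = FIELD.match(line)
        if m:
            last = current.setdefault(m.group(1), [])
            if m.group(2):
                last.append(m.group(2))
        elif last is not None:
            last.append(line.strip())  # continuation line, e.g. second DNS server
    return adapters

def adapters_with_gateway(text):
    """Names of adapters that have a non-empty Default Gateway."""
    return [n for n, f in parse_adapters(text).items() if f.get("Default Gateway")]

def has_gateway_conflict(text):
    """True when more than one adapter has a default gateway set."""
    return len(adapters_with_gateway(text)) > 1
```
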


Question has a verified solution.
