• Status: Solved
  • Priority: Medium

LDAP Bind Unsuccessful

Have 1 Exchange 2003 SP2 server (not a DC). Have 2 DCs that are also GCs. Every 15 minutes or so receive errors in Event Viewer. Errors are 8026 and 8260 (LDAP Bind was unsuccessful… and Could not open LDAP session…). During these errors, members are unable to open Outlook accounts. Also getting Event ID: 2102 (all domain controllers are not responding). Also ID: 8250 (the win32 api call 'dsgetdcnamew' returned error code [0x54b]).
Both DCs are up and running fine. Can ping from Exchange and run LDP and bind to them.
Ran the following:
Dcdiag: all tests pass
Dnslint: all OK
SeSecurityPrivilege is OK (Exchange Enterprise Servers listed under manage and security log)
ExBPA: there is an update for NICs
Exchange NICs have the proper DNS and WINS listed
Could NICs needing an update cause problems like this?
Asked:
harold mcmullen
1 Solution
 
yducerf Commented:
That looks like DNS errors.
Make sure that you are using ONLY domain controllers for DNS. There should be no external DNS servers anywhere in the network configuration of any machine on the network. If you need to use external DNS to get effective external DNS resolution, then use forwarders on the DNS server applet on the domain controllers.

Also check for effective replication of the AD DNS zones on the domain controllers, as the error you are seeing is looking at the AD zone.

 
harold mcmullen, network tech (Author) Commented:
There are no external DNS entries, and replication is fine across DC AD DNS zones.
 
yducerf Commented:
Could you diagnose with these tools:
NETDIAG and DCDIAG
There's probably a big mistake somewhere here.
 
harold mcmullen, network tech (Author) Commented:
Saw no problems on either. dcdiag all pass and netdiag shows no errors.
 
harold mcmullen, network tech (Author) Commented:
But I agree that there is a big mistake somewhere, just pullin' hair trying to figure it out.
 
e_aravind Commented:
Do you want to
a) check the AD sites bound/mapped for the DCs/Exchange servers
b) stop the AV services
 
harold mcmullen, network tech (Author) Commented:
Have already disabled AV services prior w/ no result (Symantec Endpoint), and Exchange server is bound to DCs on both port 389 and 3268 (as each DC is also a GC).
 
yducerf Commented:
Have you tried to upgrade your NIC, or eventually to disable teaming if it exists?
 
harold mcmullen, network tech (Author) Commented:
The problem was a dual NIC architecture (not teamed) that had a default gateway listed on both NICs. It was the same default gateway, but apparently only needed on one of the NICs, not listed on both. Example:

            nic 1            nic 2
static ip:  10.1.777.72      10.1.777.73
subnet:     255.255.255.0    255.255.255.0
gateway:    10.1.777.1       leave blank

Well, though I feel stupid, maybe this will help someone else with this problem. Thank you to all who sent their suggested fixes.
Question has a verified solution.
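
A check for the misconfiguration described in the accepted solution, as an added example that is not part of the original thread: it parses `ipconfig /all` output and reports when more than one adapter carries a default gateway. The English-locale layout, adapter names and addresses in the sample are constructed assumptions.

```python
import re

# Constructed `ipconfig /all` output (English locale); names and addresses are made up.
TEMPLATE = """\
Windows IP Configuration

Ethernet adapter LAN 1:

   IP Address. . . . . . . . . . . . : 10.1.7.72
   Default Gateway . . . . . . . . . : 10.1.7.1
   DNS Servers . . . . . . . . . . . : 10.1.7.10
                                       10.1.7.11

Ethernet adapter LAN 2:

   IP Address. . . . . . . . . . . . : 10.1.7.73
   Default Gateway . . . . . . . . . : {gw2}
"""
BEFORE = TEMPLATE.format(gw2="10.1.7.1")  # gateway set on both NICs
AFTER = TEMPLATE.format(gw2="")           # gateway left blank on NIC 2

ADAPTER = re.compile(r"^(\S.*adapter .+):\s*$")      # unindented section header
FIELD = re.compile(r"^\s+(.+?)[ .]*\. :\s?(.*)$")    # "Name . . . : value"

def gateways_by_adapter(text):
    """Map each adapter section to the default gateways listed under it."""
    result, adapter, field = {}, None, None
    for line in text.splitlines():
        m = ADAPTER.match(line)
        if m:
            adapter, field = m.group(1), None
            result[adapter] = []
            continue
        if adapter is None or not line.strip():
            continue
        m = FIELD.match(line)
        if m:
            field, value = m.group(1), m.group(2).strip()
        else:
            value = line.strip()  # continuation line of the previous field
        if field == "Default Gateway" and value:
            result[adapter].append(value)
    return result

def gateway_conflict(text):
    """Return the adapters with a gateway when more than one adapter has one."""
    with_gw = {a: g for a, g in gateways_by_adapter(text).items() if g}
    return with_gw if len(with_gw) > 1 else {}
```

`gateway_conflict(BEFORE)` lists both adapters, while `gateway_conflict(AFTER)` is empty, matching the corrected layout in the post.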