Solved

LDAP Bind Unsuccessful

Posted on 2010-09-20
9
793 Views
Last Modified: 2012-05-10
Have 1  Exchange 2003 sp2 server, (not a DC).  Have 2 DC’s that are also GC’s.  Every 15 minutes or so receive errors in Event Viewer.  Errors are 8026 and 8260 (LDAP Bind was unsuccessful… and Could not open LDAP session…). During these errors, members are unable to open Outlook accounts.  Also getting Event ID: 2102, (all domain controllers are not responding). Also ID: 8250 (the win32 api call 'dsgetdcnamew' returned error code [0x54b])
Both DC’s are up and running fine. Can ping from exchange and run LDP and bind to them.
Ran following:
Dcdiags: all tests pass
Dnslint: all ok
SeSecurityPrivelige is ok(Exchange Enterprise servers listed under manage and security log)
ExBPA: there is an update for NIC’s,
Exchange NIC’s have the proper DNS and Wins listed
Could NIC’s needing update cause problems like this?
0
Comment
Question by:Harold_acld
  • 5
  • 3
9 Comments
 
LVL 3

Expert Comment

by:yducerf
ID: 33717145
That looks like DNS errors.
Make sure that you are using ONLY domain controllers for DNS. There should be no external DNS servers anywhere in the network configuration of any machine on the network. If you need to use external DNS to get effective external DNS resolution, then use forwarders on the DNS server applet on the domain controllers.

Also check for effective replication of the AD DNS zones on the domain controllers, as the error you are seeing is looking at the AD zone.

0
 
LVL 4

Author Comment

by:Harold_acld
ID: 33717517
there are no external DNS entries and replication is fine across DC AD DNS zones
0
 
LVL 3

Expert Comment

by:yducerf
ID: 33717675
could you diag with these tool
NETDIAG and DCDIAG
There's probably a big mistake somewhere here
0
 
LVL 4

Author Comment

by:Harold_acld
ID: 33717878
saw no problems on either.  dcdiag all pass and netdiag shows no errors
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 4

Author Comment

by:Harold_acld
ID: 33717882
but i agree that there is a big mistake somewhere, just pullin' hair trying to figure out
0
 
LVL 26

Expert Comment

by:e_aravind
ID: 33718262
Do you want to
a) check the AD-Sites binded/mapped for the the DCs/Exchange servers
b) stop. the AV services
0
 
LVL 4

Author Comment

by:Harold_acld
ID: 33718931
have already disabled AV services prior w/ no result (Symantec Endpoint) and Exchange server is bound to DC's on both port 389 and 3268 (as each Dc is also GC)
0
 
LVL 3

Expert Comment

by:yducerf
ID: 33722773
Have you try to upgrade your nic or eventually to disable teaming if exists ?
0
 
LVL 4

Accepted Solution

by:
Harold_acld earned 0 total points
ID: 33770352
the problem was a dual nic architecture (not teamed) that had a default gateway listed on both nics. It was the same default gateway, but apparently only needed on one of the nics, not listed on both. example:
 nic 1                                                         nic 2
static ip:  10.1.777.72                              10.1.777.73
subnet:   255.255.255.0                           255.255.255.0
gateway: 10.1.777.1                                leave blank

well, though i feel stupid, maybe this will help someone else with this problem. thank you to all who sent their suggested fixes.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now