Outlook fails to authenticate after domain controller crash

My issue is on a private, closed network.  It started after I was running Dell's OpenManage software on my DC's to upgrade their firmware and BIOS.  During this process, my DC1 crashed when the NIC drivers got upgraded. I restarted it and finished the BIOS upgrade with no issues.  The 2nd (of 2) domain controllers didn't have any major issues when upgrading, but afterwards I was unable to log on to my email using Outlook 2003 to an Exchange 2003 server in our network.  Any user can log on to their workstation without  issue but we're now prompted for a username/password when trying to bring up Outlook.  If you put in the correct info (domainname\user name and password), it won't authenticate.  Below are the errors I'm getting.  I apologize if it looks a little rudimentary, but my network is not joined to the internet so I can't copy and paste directly.  Anyway, on the DC I get...

Event ID: 680
Type: Failure Aud
Source: Security
Category: Account Logon
Computer: DomainCtrl1
Logon Account: user1
Source Workstation: Wks1
Error Code: 0xC000006A

Here is the error code that shows up on the Exchange 2003 server at the exact same time:

Event ID: 529
Type: Failure Aud
Source: Security
Category: Logon/Logoff
Computer: Exch1
Logon Failure:
   Reason: Unknown user name or password
   User Name: user1
   Domain: MyDomain
   Logon Type:  3
   Logon Process: NtLmSsp
   Authentication Package: NTLM
   Workstation Name: Wks1
   Caller User Name: -
   Caller Domain: -
   Caller Logon ID: -
   Caller Process ID: -
   Transited Services: -
   Source Network Address: xxx.xxx.xxx.xxx
   Source Port: 1535 (this number changes every time)

We're now also having an issue running a RETINA scan, I get the same event id 680 on the DC and on the scanned machine I get event id 680 but with error code 0xC0000064 and event id 529 with source port 0 every time.  There will be about 6 of each error and RETINA tells me that it can't access the registry to do it's scans.  Also, I can log on to ANY workstation and it won't log on to the Exchange server.

To try to rule out permission errors, I tried giving my admin account an email address, and I can't log on to Outlook with that either.  Going back in the security log, it appears that Exchange was using Kerberos to authenticate in addition to NTLM when everything was working properly.  I don't know if the DC crash was what started everything, but that's really the only thing that changed since before the problem started.  Thank you very much for any help.
It's also worth mentioning that this issue will lock out a user after three failed attempts also to enter the username and password its requesting.  Replication appears to be working fine. DNS also works perfectly as I can take down either DC and the other one will perform all of the DC and DNS functions without fail, except when it comes to logging users in to Exchange.  Thanks again.

I am able to ping between any of the servers and workstations involved.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

I had a similar problem.  Running Exchange 2010 on Win 2008 R2?

1st take a test workstation.  Change the exchange server name to it's IP.  
2nd make sure that the Exchange services have started.  I would restart them and try to connect.
If you have webmail, I would try to access your email from the browser as a test of Exchanges integrety.  

My problem was the exchange connector in 2008 had issues with the allowed IP ranges.  Once I opened the subnet to allow anything within my range, the problem was solved.  Yours could be either a DNS issue or the same.  Depends on your Exchange version.
theq222Author Commented:
These are Windows Server 2003 for the domain controllers, Exchange 2003 for the exchange server, XP for the workstations with Outlook 2003.
Check DNS.. I have seen this with a problem with dns changes
Your Guide to Achieving IT Business Success

The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.

I would test the DNS as well.  Then test the domain registration.   Take a test PC off the domain and then re-add it.  See if you can ping both the DC and Exchange servers by name.  I take it that you have integrated Exchange into ADO.  This might have broken during the upgrade.  Also, make sure that the windows firewall is disabled on the PC.  
theq222Author Commented:
Problem solved. Though all domain computers and servers were using the same LAN Manager authentication setting in Local Policies and enforced across the entire domain by group policy, we made a change here that was actually more restrictive, but everything started working. Outlook and Retina are both working fine now.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
theq222Author Commented:
Our solution solved the problem and was not mentioned by any of the other experts.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.