Event ID 40960

I am getting Event ID 40960 on a 2003 Server running Exchange Server 2003.  The exact error is below.  I ran a w32tm /monitor (according to EE article 24620527)  and the offset in seconds between the FSMO and the other DC was 0.0007080 seconds. The event has only been logged twice in the last week or so.   The FSMO and the server in question have the same time on them, even the seconds are the same.

Event Type:      Warning
Event Source:   LSASRV
Event Category:            SPNEGO (Negotiator)
Event ID:          40960
Date:                5/4/2011
Time:                12:41:27 PM
User:                N/A
Computer:       COMPANY-MAIL
Description:
The Security System detected an authentication error for the server ldap/server-dc3.Domain-Dom.company.com.  The failure code from authentication protocol Kerberos was "The time at the Primary Domain Controller is different than the time at the Backup Domain Controller or member server by too large an amount.
 (0xc0000133)".

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 33 01 00 c0               3..À    



 Any ideas?

Thanks,
cja
cja-tech-guyAsked:
Who is Participating?
 
ChiefITCommented:
Just manually set your time.

In a domain, there is a phase offset of 5 minutes. This means that if a computer on the network is more than +/- five minutes from the domain controller it will synch up. Since you recieve this error, it means that the computer is SO FAR out of synch that it can't synch up. So, if you manually set the time, it will be within synchronization tolerance.

Also make sure all firewalls permit time synchronization. I think that's on port 123 UDP.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.