• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1745
  • Last Modified:

Event ID 40960

I am getting Event ID 40960 on a 2003 Server running Exchange Server 2003.  The exact error is below.  I ran a w32tm /monitor (according to EE article 24620527)  and the offset in seconds between the FSMO and the other DC was 0.0007080 seconds. The event has only been logged twice in the last week or so.   The FSMO and the server in question have the same time on them, even the seconds are the same.

Event Type:      Warning
Event Source:   LSASRV
Event Category:            SPNEGO (Negotiator)
Event ID:          40960
Date:                5/4/2011
Time:                12:41:27 PM
User:                N/A
Computer:       COMPANY-MAIL
Description:
The Security System detected an authentication error for the server ldap/server-dc3.Domain-Dom.company.com.  The failure code from authentication protocol Kerberos was "The time at the Primary Domain Controller is different than the time at the Backup Domain Controller or member server by too large an amount.
 (0xc0000133)".

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 33 01 00 c0               3..À    



 Any ideas?

Thanks,
cja
0
cja-tech-guy
Asked:
cja-tech-guy
1 Solution
 
ChiefITCommented:
Just manually set your time.

In a domain, there is a phase offset of 5 minutes. This means that if a computer on the network is more than +/- five minutes from the domain controller it will synch up. Since you recieve this error, it means that the computer is SO FAR out of synch that it can't synch up. So, if you manually set the time, it will be within synchronization tolerance.

Also make sure all firewalls permit time synchronization. I think that's on port 123 UDP.
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now