Logon failure when domain controller unavailable - why?

Status
Not open for further replies.

NJSJL (Technical User), Sep 26, 2008
I have a Windows service on a Windows 2003 server that authenticates with its database server (SQL 2005) on a regular basis. Recently the Windows server's logon server was rebooted. This resulted in authentication failures relating to the Windows service.

The event log details are:
Event ID: 529
Reason: Unknown user name or bad password

It's not an unknown user name or bad password as once the logon server had completed its reboot the service could authenticate again.

The AD site that the server is in has three domain controllers, but for some reason the server did not go through the process of finding another DC when it couldn't contact its logon server; it simply rejected the logons.

Can anyone explain under what conditions a search for a new DC will take place, or why else the logon failed?

Thanks.
NJSJL
 
You have to have a GC available in order to authenticate logons. If you only have one GC and you stop it, then users will fail logon.

What logon type is indicated in the event log error?

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!
 
DNS settings for your SQL server include more than one DNS/AD server, right? If so, double-check your DNS forward zone for all the appropriate records, then run dcdiag /c and dnslint. If you reboot the AD server, it may take up to 5 minutes for the DNS cache for "domain.local" to expire and the server to ask again for the IP of the domain. Typing ipconfig /flushdns will speed this up.
 
Answers to the questions:

I can confirm that there are two global catalog servers within the AD site that this server is in, and the second GC remained available when the other was rebooted.

The logon type reported in the event log is 5 (service).

The SQL server and application server are both configured with primary, secondary and tertiary DNS servers. None of the DNS servers were rebooted; it was a DC which is also a GC.

Any further suggestions?
 