Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

XP connection issues with Server 2008 Domain

Status
Not open for further replies.
rider90

rider90

Technical User
Jun 17, 2011
64
GB
We installed a new Windows Server 2008 R2 Server last year, and changed the Domain level to 2008. Since then we have been having various issues which only affect XP machines. All Windows 7 computers are absolutely fine.



The problems:

1.) Computers when first logged into in the morning are unremarkable slow and un-responisive. When you finally get to click restart, an error message appears "You do not have administrative privileges to shut down this computer"

2.) The computer will not be able to connect to some servers. A log in box will appear but the user, nor the administrator can successfully log in.

3.) The user cannot print every morning. The print spooler reports to be started and running problem free, and no error messages appear other then the printer icon in the taskbar with a red question mark. To resolve this, you need to restart the print spooler and then click refresh on the print. This then solves the problem for the rest of the day.



These are the error's we are getting on the computers event logs:

Event Type: Warning

Event Source: LSASRV

Event Category: SPNEGO (Negotiator)

Event ID: 40960

Date: 15/02/2011

Time: 09:04:36

User: N/A

Computer: PC-07

Description:

The Security System detected an attempted downgrade attack for server cifs/server. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.

(0xc000005e)".





Event Type: Warning

Event Source: LSASRV

Event Category: SPNEGO (Negotiator)

Event ID: 40961

Date: 15/02/2011

Time: 09:04:30

User: N/A

Computer: PC-07

Description:

The Security System could not establish a secured connection with the server cifs/sql. No authentication protocol was available.



For more information, see Help and Support Center at


This problem also doesn't affect every XP machine, and seems to follow users. Computers which have this issues have been rebuilt which resolved the problem, but within a few months the problem has come back and been persistant since. We have also tried swapping computers and even components, so I think this could be user related.



I am totally lost, and our local IT Support company are struggling with this.



Any ideas or suggestions would be greatly appriciated, as I have tried and read so many different forums and hotfixes.



Cheers,

Matt
 
Sort by date Sort by votes
I would start with

1) Remove machine from domain - re-add.
2) Delete / rename the server profile for user and re-create from local
3) Delete / rename local profile for user and re-create from server

4) ensure all machines are on same software level (i.e windows updates / service packs.
5) remove offending machines from domain and rebuild workstations and create new profiles, and migrate users to new profile.

Some Event ID help here:



ACSS - SME
General Geek

CallUsOn.png


1832163.png
 
Upvote 0 Downvote
What about something simple like - are the workstations pointing at the 2008 server (via IP address) for their DNS?
 
Upvote 0 Downvote
Hi guys,

These computers have already been removed from the domain, deleted from the Server, rebuilt, and re-added. This was fine for around a month before the issues begun again. In some cases I have given the computer a different name, to see if the Server was somehow remembering it, and these problems still occurred.

All computers are controlled by DHCP and therefore all their IP Addresses are pointing to the correct Server. An IP Config confirms this.

Our WSUS server controls the computer versions and they are also all currently on the same version, SP3. At the moment they are awaiting a shutdown to install Office 2007 SP3, IE8 compatibility list and a security update.

Local Profiles have been deleted with no change.

The one thing I haven't yet tried is removing the user from the Server entirely, deleting their Exchange account, and then re-creating them from scratch. I have resisted doing this as I'm worried that I will loss data or E-Mails etc in the process.
 
Upvote 0 Downvote
just back the emails up with outlook (create PST file) then re-import them once the new profile is created.

ACSS - SME
General Geek

CallUsOn.png


1832163.png
 
Upvote 0 Downvote
I know it is simple, just over cautious.

Ok more information. These errors started to occur when we changed from a Domain 2003 Server to a new server with 2008 and changed the Domain level. This all happened before I started to how this was done I don't know.

The users which have been effected all this long could be due to corruption during the change, except within the past month, a couple more users who have never had the problem before have also started to experience these issues.
So if we look away from it being User profile corruption, what else should I be looking into? The IT guy at the time doesn't think it is User Profile corruption, although he hasn't said much more then that.
 
Upvote 0 Downvote
have you had a good dig around DNS and ADIEDIT to make sure there are no dodgy entries in there?



ACSS - SME
General Geek

CallUsOn.png


1832163.png
 
Upvote 0 Downvote
We have had a real good look around DNS, and done a lot of Googleing on it. A few changes have been made, although this hasn't made any difference.

Again I will look into DNS further.

Its a tough one!
 
Upvote 0 Downvote
Ben YES! In the research I have done this is something I have come across several times but have so far failed to resolve.

With all the different articles I find which could be related to the problems we are having, this is one which has been playing on my mind for a while so I'm glad you have mentioned it.

I will try out the suggestions in the link you have provided and let you know.

Thanks,
Matt
 
Upvote 0 Downvote
Have added the registry value, will have to wait now until Monday/Tuesday to see if the people who's computers I have set this on still receive the issue.

Thanks again,
Matt
 
Upvote 0 Downvote
It didn't appear to work.
O
n Monday it continued to affect 3 out of the 4 computers I added this registry value to.
It only affected 2 out of 4 on Tuesday, but that is the difficult nature of this problem in that one week it could be affecting several computers and then suddenly its fine again.

 
Upvote 0 Downvote
there is something in the doamin / AD / DNS that is broken

You might be better opening a ticket with MS

DO you have a TechNet account? You get 2 free tickets!

ACSS - SME
General Geek

CallUsOn.png


1832163.png
 
Upvote 0 Downvote
Upvote 0 Downvote
Sorry taken so long to reply.

I have slowly gone through the various suggestions and left each one for a few days to see if it makes a difference. It did start to look promising but then the error started to hit hard again.

I have added the Registry key to downgrade XP machines from using 128bit encryption. No Luck. I've had a look around the DNS and nothing is obviously not working.
I haven't opened a Ticket with Microsoft yet.

Matt
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Flinx
  • Locked
  • Question
continuing issues with Windows 10 slow transfer to NAS
Replies
6
Views
406
pmonett
pmonett
goombawaho
  • Locked
  • Question
Risk of running unsupported server version 1
Replies
7
Views
239
goombawaho
goombawaho
Diane Sandstrom
  • Locked
  • Question
PDF with highlighting
Replies
2
Views
162
Diane Sandstrom
Diane Sandstrom
Rjanson
  • Locked
  • Question
Issues with Sound
Replies
3
Views
133
Rjanson
Rjanson
Shengfu
  • Locked
  • Question
PROBLEM WITH FILES IN FLASHDRIVE
Replies
3
Views
197
mikrom
mikrom

Part and Inventory Search

Sponsor

Back
Top