Event Id | 40961 |
Source | LSASRV |
Description | Description 1: The Security System could not establish a secured connection with the server ldap/Computername.domain.com. No authentication protocol was available. Description 2: The Security System could not establish a secured connection with the server <service>/<server name>. No authentication protocol was available. |
Event Information | According to Microsoft: CAUSE: In Microsoft Security Bulletin MS04-011, which is also included in Windows XP SP2, there is a change in the Kerberos authentication. It no longer allows for a fallback to NTLM when a domain controller cannot be accessed. If you cannot contact a Key Distribution Center (KDC), you cannot connect to resources. WORKAROUND: To access a DFS share resource, you can use either of the following methods: • You can log on to the system with a local account. • You can make a domain controller available to the computer. Note :You install Security Bulletin MS04-011or Windows XP SP2 so that the domain member computers are more secure because the new authentication protocols (Kerberos) are more secure. For example, Kerberos offers mutual authentication. When you restart your Windows Server 2003-based computer after you promote it to the role of domain controller, the following events may appear in the System log of Event Viewer. CAUSE: This issue may occur if the File Replication Service (Ntfrs.exe) tries to authenticate before the directory service has started. WORKAROUND: To work around this issue, ignore these two warning events if the directory service starts successfully. If the events continue to appear after Windows has successfully restarted, you may have to troubleshoot the directory service. Following newsgroup information may help: "I just had this problem with a couple of w2k3 member servers on a 2003 native mode\AD domain. I was able to fix this problem by uninstalling the "client for Microsoft Networks" item from the NICs, rebooting the boxes, installing it again, and rebooting it again. Why this worked I am not exactly sure" "I have the same problem! After a few days fight with this problem I have found, that the problem is that, the NETBIOS is disabled. So if you enable NETBIOS over TCP/IP, then it should be OK. This solution works |
Reference Links | LSASRV Event IDs 40960 and 40961 When You Promote a Server to a Domain Controller Role After promoting a Windows Server 2003to a domain controller, System events 40960 and 40961 are posted? 5612 » Event ID 40961, Source LSASRV, cant connect to prisoner.iana.org? You cannot access resources after you install Security Bulletin MS04-011 or Windows XP Service Pack 2 |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.