Folks, I am having problems in a recently upgraded AD Domain with an XP client losing the ability to authenticate. A user will logon successfully to the domain, and after a few hours, seem to lose their credentials. One minute the user will be able to authenticate, the next, authentication will fail. Specifically, a user who could access a network share one minute, will get an error message saying The username or password is invalid, or a variant thereof. The XP client will then hang within a few minutes of this happening.
There are errors in the event log I've never seen and that don't appear in the knowledgebase, at least not for Windows XP computers. The knowledgebase articles I've found apply to NT4 Domain Controllers. All help is appreciated. The events are below, the times don't sync up because I pulled them from a couple of different places in the event viewer, though they usually appear together in the event log. Event Type: Error Event Source: Userenv Event Category: None Event ID: 1054 Date: 6/11/2003 Time: 2:49:56 PM User: NT AUTHORITY\SYSTEM Computer: COMP1 Description: Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. ***** Event Type: Warning Event Source: Userenv Event Category: None Event ID: 1525 Date: 6/11/2003 Time: 2:51:20 PM User: DEMO\User1 Computer: COMP1 Description: Windows has detected that Offline Caching is enabled on the Roaming Profile share - to avoid potential profile corruption, Offline Caching must be disabled on shares where roaming user profiles are stored. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. ***** Event Type: Error Event Source: NETLOGON Event Category: None Event ID: 5719 Date: 6/11/2003 Time: 4:22:42 PM User: N/A Computer: COMP1 Description: No Domain Controller is available for domain DEMO due to the following: The RPC server is unavailable. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 17 00 02 c0 ...� ***** Event Type: Error Event Source: NETLOGON Event Category: None Event ID: 5790 Date: 6/11/2003 Time: 3:45:53 PM User: N/A Computer: COMP1 Description: No suitable Domain Controller is available for domain CSHNT. An NT4 or older domain controller is available but it cannot be used for authentication purposes in the Windows 2000 or newer domain that this computer is a member of. The following error occurred: There are currently no logon servers available to service the logon request. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 5e 00 00 c0 ^..� ***** Event Type: Warning Event Source: LSASRV Event Category: SPNEGO (Negotiator) Event ID: 40960 Date: 6/11/2003 Time: 3:44:23 PM User: N/A Computer: COMP1 Description: The Security System detected an attempted downgrade attack for server cifs/underdog. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request. (0xc000005e)". For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Regards, Phillip List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
