Cool, please do update us either way. Since you still have one DC that is not @ R2, I would not at all be surprised if that is the culprit or at least part of it.
Happy Friday! Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians & Associates, PA [email protected]<BLOCKED::mailto:%[email protected]> www.eaglemds.com<BLOCKED::http://www.eaglemds.com/> ________________________________ From: Kennedy, Jim [mailto:[email protected]] Sent: Friday, December 03, 2010 12:21 PM To: NT System Admin Issues Subject: RE: Intermittant IIS logon issues. I think you nailed it. I still have one 2008 DC running....and it is my primary DNS/Wins server for the IIS server in question. NBLookups from the IIS server to one of the DC's is failing....got lots of bad WINS records in it. It was going to be decommissioned next week, I have moved that up to the end of the day today and I bet that gets it. I will certainly post a resolution if that is it. From: Raper, Jonathan - Eagle [mailto:[email protected]] Sent: Friday, December 03, 2010 11:14 AM To: NT System Admin Issues Subject: RE: Intermittant IIS logon issues. Shot in the dark, since you say the failed attempts are being rejected locally... Are all of your DCs talking to each other and updating/replicating with each other properly since you did the upgrade? Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians & Associates, PA [email protected]<BLOCKED::mailto:%[email protected]> www.eaglemds.com<BLOCKED::http://www.eaglemds.com/> ________________________________ From: Kennedy, Jim [mailto:[email protected]] Sent: Friday, December 03, 2010 11:05 AM To: NT System Admin Issues Subject: Intermittant IIS logon issues. App on a 2003 IIS server that uses the IIS integrated authentication. The app does not do the authentication, the IIS website does. Authentication is back to 2008 R2 DC's. And I think that is the issue, this seems to have just started when I updated the DC's from 2008 to 2008 R2. It is very odd, some users can hit it with integrated authentication and others cannot. For a couple of days at a time those that cannot sometimes can. When the users fail I can see it in the security log, that the user is being checked against the local server account list...rather than the domain. If the user hits the popup with domain/user at that point it authenticates them just fine. Authentication methods on the website appear correct, and have not been changed since the app was setup. Anonymous is allowed and the IUSR account is valid and synced up correctly. Then only Integrated Windows Auth is checked. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ________________________________ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
