Need help QUICK


  • enabled ip-security on secondary dc, repadmined gpup forced, everything was like ok (user server request security - and i believe unchanged it shouldve allowed connections even if verification doesnt pass somewhy), but now i cant connect to various servers neither users in AD can join a domain or some of them actually can but very slow, many many mistakes occured in system logs but the main is - "the kerberos subsystem encountered a pac verification failure event id 7" default server req ip policy uses kerberos, turning it off didnt help, actually planned to change for certificate auth later on. anyway need help quick, restarted all DC's turned off the policy ... still same sh**t.
    quarta-feira, 13 de junho de 2012 10:53


Todas as Respostas

  • ive heard like remove/add users and pc into domain would help, but thats crap seriously, should i now start readding 1500 users ? my dhcp is off, so 1500 pc's too ??
    quarta-feira, 13 de junho de 2012 10:55
  • on some of the virtual servers - " this computer was not able to set up a secure session with a domain controller in domain XXXXXX due to following: there are currently no logon servers available to service the logon request"
    quarta-feira, 13 de junho de 2012 10:58
  • after restarting the dc ip monitor snap-in still shows alot of "my code" in "security comparison" when i expected it to be clear, and active policy still shows "server(request security)" when i would expect to not see anything there
    quarta-feira, 13 de junho de 2012 11:01
  • trying net stop policyagent ==> not able to stop service "ipsec policy agent"
    quarta-feira, 13 de junho de 2012 11:06
  • ok on the nodex, disabling ipsec policy agent solved the problem, but that is pure crap i swear
    quarta-feira, 13 de junho de 2012 11:47