DNS error in eventlog SPNEGO 40961 LSASRV

Hi all,

Really trying hard to sort this network out! Every time a DNS registration
is attempted we receive a warning in the eventlog as mentioned in the subject.

Here is the scenario:

PC is in company.local domain, and has primary domain suffix of company.local

PC has DHCP applied, with the append these DNS suffixes option set via group
policy

company.local
oldcompanyname.local (For which we have a static zone on DNS for a few bits
of kit we are migrating over)
parentcompany.com (Which is on our physical network (Not joined domains or
anything like that) so is contactable)

Register this connection's addresses in DNS is ticked
use this local connection DNS suffix in DNS registration is not ticked

So far all good, if a user requests a client/server in our network by just
its hostname, it resolves, same with servers in the parent company which we
use.

The error we are getting is when the client attempts to register DNS, but
the error is shown below:

The Security System could not establish a secured connection with the server
DNS/server.parentcompany.com. No authentication protocol was available.

Firstly, if we append DNS suffixes, as we have done, are these used by the
DNS client to attempt to register DNS records...

For example, is my client attempting to register:

name.company.local
name.oldcompany.local
name.parentcompany.com

Not sure if this is the case (Just wanted clarification)...

I think what is happening is that the client is registering correctly in the
name.company.local zone, and then it is attempting to register in a reverse
lookup zone, (We do not have any reverse lookup zones)... And then our DNS is
forwarding this unresolved request to the parentcompany.com server, as it is
listed as the first forwarder (For all DNS domains) in our DNS setup (Not
sure why this is)...

Can someone confirm this, have I got a situation similar to this?

http://support.microsoft.com/kb/259922

Hello UselessUser,

Do you have also event id 1054 and 1030 logged?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> Hi all,
>
> Really trying hard to sort this network out! Every time a DNS
> registration is attempted we receive a warning in the eventlog as
> mentioned in the subject.
>
> Here is the scenario:
>
> PC is in company.local domain, and has primary domain suffix of
> company.local
>
> PC has DHCP applied, with the append these DNS suffixes option set via
> group policy
>
> company.local
> oldcompanyname.local (For which we have a static zone on DNS for a few
> bits
> of kit we are migrating over)
> parentcompany.com (Which is on our physical network (Not joined
> domains or
> anything like that) so is contactable)
> Register this connection's addresses in DNS is ticked use this local
> connection DNS suffix in DNS registration is not ticked
>
> So far all good, if a user requests a client/server in our network by
> just its hostname, it resolves, same with servers in the parent
> company which we use.
>
> The error we are getting is when the client attempts to register DNS,
> but the error is shown below:
>
> The Security System could not establish a secured connection with the
> server DNS/server.parentcompany.com. No authentication protocol was
> available.
>
> Firstly, if we append DNS suffixes, as we have done, are these used by
> the DNS client to attempt to register DNS records...
>
> For example, is my client attempting to register:
>
> name.company.local
> name.oldcompany.local
> name.parentcompany.com
> Not sure if this is the case (Just wanted clarification)...
>
> I think what is happening is that the client is registering correctly
> in the name.company.local zone, and then it is attempting to register
> in a reverse lookup zone, (We do not have any reverse lookup zones)...
> And then our DNS is forwarding this unresolved request to the
> parentcompany.com server, as it is listed as the first forwarder (For
> all DNS domains) in our DNS setup (Not sure why this is)...
>
> Can someone confirm this, have I got a situation similar to this?
>
> http://support.microsoft.com/kb/259922
>

Hi,

No I do not, what does this indicate?

"Meinolf Weber" wrote:

> Hello UselessUser,
>
> Do you have also event id 1054 and 1030 logged?
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
> > Hi all,
> >
> > Really trying hard to sort this network out! Every time a DNS
> > registration is attempted we receive a warning in the eventlog as
> > mentioned in the subject.
> >
> > Here is the scenario:
> >
> > PC is in company.local domain, and has primary domain suffix of
> > company.local
> >
> > PC has DHCP applied, with the append these DNS suffixes option set via
> > group policy
> >
> > company.local
> > oldcompanyname.local (For which we have a static zone on DNS for a few
> > bits
> > of kit we are migrating over)
> > parentcompany.com (Which is on our physical network (Not joined
> > domains or
> > anything like that) so is contactable)
> > Register this connection's addresses in DNS is ticked use this local
> > connection DNS suffix in DNS registration is not ticked
> >
> > So far all good, if a user requests a client/server in our network by
> > just its hostname, it resolves, same with servers in the parent
> > company which we use.
> >
> > The error we are getting is when the client attempts to register DNS,
> > but the error is shown below:
> >
> > The Security System could not establish a secured connection with the
> > server DNS/server.parentcompany.com. No authentication protocol was
> > available.
> >
> > Firstly, if we append DNS suffixes, as we have done, are these used by
> > the DNS client to attempt to register DNS records...
> >
> > For example, is my client attempting to register:
> >
> > name.company.local
> > name.oldcompany.local
> > name.parentcompany.com
> > Not sure if this is the case (Just wanted clarification)...
> >
> > I think what is happening is that the client is registering correctly
> > in the name.company.local zone, and then it is attempting to register
> > in a reverse lookup zone, (We do not have any reverse lookup zones)...
> > And then our DNS is forwarding this unresolved request to the
> > parentcompany.com server, as it is listed as the first forwarder (For
> > all DNS domains) in our DNS setup (Not sure why this is)...
> >
> > Can someone confirm this, have I got a situation similar to this?
> >
> > http://support.microsoft.com/kb/259922
> >
>
>
>

Hello UselessUser,

Where is the event id logged, on the server or client? Please post the complete
event viewer entry, just press the 2 paper button int he right corner and
paste to the posting.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> Hi,
>
> No I do not, what does this indicate?
>
> "Meinolf Weber" wrote:
>
>> Hello UselessUser,
>>
>> Do you have also event id 1054 and 1030 logged?
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>> Hi all,
>>>
>>> Really trying hard to sort this network out! Every time a DNS
>>> registration is attempted we receive a warning in the eventlog as
>>> mentioned in the subject.
>>>
>>> Here is the scenario:
>>>
>>> PC is in company.local domain, and has primary domain suffix of
>>> company.local
>>>
>>> PC has DHCP applied, with the append these DNS suffixes option set
>>> via group policy
>>>
>>> company.local
>>> oldcompanyname.local (For which we have a static zone on DNS for a
>>> few
>>> bits
>>> of kit we are migrating over)
>>> parentcompany.com (Which is on our physical network (Not joined
>>> domains or
>>> anything like that) so is contactable)
>>> Register this connection's addresses in DNS is ticked use this local
>>> connection DNS suffix in DNS registration is not ticked
>>> So far all good, if a user requests a client/server in our network
>>> by just its hostname, it resolves, same with servers in the parent
>>> company which we use.
>>>
>>> The error we are getting is when the client attempts to register
>>> DNS, but the error is shown below:
>>>
>>> The Security System could not establish a secured connection with
>>> the server DNS/server.parentcompany.com. No authentication protocol
>>> was available.
>>>
>>> Firstly, if we append DNS suffixes, as we have done, are these used
>>> by the DNS client to attempt to register DNS records...
>>>
>>> For example, is my client attempting to register:
>>>
>>> name.company.local
>>> name.oldcompany.local
>>> name.parentcompany.com
>>> Not sure if this is the case (Just wanted clarification)...
>>> I think what is happening is that the client is registering
>>> correctly in the name.company.local zone, and then it is attempting
>>> to register in a reverse lookup zone, (We do not have any reverse
>>> lookup zones)... And then our DNS is forwarding this unresolved
>>> request to the parentcompany.com server, as it is listed as the
>>> first forwarder (For all DNS domains) in our DNS setup (Not sure why
>>> this is)...
>>>
>>> Can someone confirm this, have I got a situation similar to this?
>>>
>>> http://support.microsoft.com/kb/259922
>>>

Hi,

The error is logged on the client in the System Log when it is joining the
network and registering DNS:

Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40961
Date: 17/06/2008
Time: 09:03:19
User: N/A
Computer: PC1
Description:
The Security System could not establish a secured connection with the server
DNS/server.parentcompany.com. No authentication protocol was available.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


"Meinolf Weber" wrote:

> Hello UselessUser,
>
> Where is the event id logged, on the server or client? Please post the complete
> event viewer entry, just press the 2 paper button int he right corner and
> paste to the posting.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
> > Hi,
> >
> > No I do not, what does this indicate?
> >
> > "Meinolf Weber" wrote:
> >
> >> Hello UselessUser,
> >>
> >> Do you have also event id 1054 and 1030 logged?
> >>
> >> Best regards
> >>
> >> Meinolf Weber
> >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> >> confers
> >> no rights.
> >> ** Please do NOT email, only reply to Newsgroups
> >> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
> >>> Hi all,
> >>>
> >>> Really trying hard to sort this network out! Every time a DNS
> >>> registration is attempted we receive a warning in the eventlog as
> >>> mentioned in the subject.
> >>>
> >>> Here is the scenario:
> >>>
> >>> PC is in company.local domain, and has primary domain suffix of
> >>> company.local
> >>>
> >>> PC has DHCP applied, with the append these DNS suffixes option set
> >>> via group policy
> >>>
> >>> company.local
> >>> oldcompanyname.local (For which we have a static zone on DNS for a
> >>> few
> >>> bits
> >>> of kit we are migrating over)
> >>> parentcompany.com (Which is on our physical network (Not joined
> >>> domains or
> >>> anything like that) so is contactable)
> >>> Register this connection's addresses in DNS is ticked use this local
> >>> connection DNS suffix in DNS registration is not ticked
> >>> So far all good, if a user requests a client/server in our network
> >>> by just its hostname, it resolves, same with servers in the parent
> >>> company which we use.
> >>>
> >>> The error we are getting is when the client attempts to register
> >>> DNS, but the error is shown below:
> >>>
> >>> The Security System could not establish a secured connection with
> >>> the server DNS/server.parentcompany.com. No authentication protocol
> >>> was available.
> >>>
> >>> Firstly, if we append DNS suffixes, as we have done, are these used
> >>> by the DNS client to attempt to register DNS records...
> >>>
> >>> For example, is my client attempting to register:
> >>>
> >>> name.company.local
> >>> name.oldcompany.local
> >>> name.parentcompany.com
> >>> Not sure if this is the case (Just wanted clarification)...
> >>> I think what is happening is that the client is registering
> >>> correctly in the name.company.local zone, and then it is attempting
> >>> to register in a reverse lookup zone, (We do not have any reverse
> >>> lookup zones)... And then our DNS is forwarding this unresolved
> >>> request to the parentcompany.com server, as it is listed as the
> >>> first forwarder (For all DNS domains) in our DNS setup (Not sure why
> >>> this is)...
> >>>
> >>> Can someone confirm this, have I got a situation similar to this?
> >>>
> >>> http://support.microsoft.com/kb/259922
> >>>
>
>
>

Hello UselessUser,

Check out this one:
http://www.eventid.net/display.asp?e...LsaSrv&phase=1

I would also add a reverse lookup zone, will not dsiturb even if it doesn't
solve your error.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> The Security System could not establish a secured connection
>