It took me a few tries before the message took. Each time I rewrote it, it
got less and less detail.
Here is the setup. Two domains, each hundreds of miles apart. Each domain
is behind its own boundary router and firewall (2 of each, one for each
domain). As stated before, they are in the same forest, but not the same
site. I have no general reason that the workstations would even have a
"legitimate" reason for the workstations to talk via ICMP echo requests to
the other domain's DCs. Base A's workstations send domain B's DCs. But not
the reverse. This is being done by a hundred or more workstations. It is
creating a lot of excess overhead in my opinion. I recently found that they
are getting error messages in the system log as below:
aaa.bbb.ccc.ddd.com = domain B
Error messages are coming from domain A's workstations.
lsasrv error : 40961
The Security System could not establish a secured connection with the server
ldap/aaa.bbb.ccc.ddd.com. No authentication protocol was available.
and error:
lsasrv error : 40960
The Security System detected an authentication error for the server
ldap/aaaDC82.aaa.bbb.ccc.ddd.coml/(E-Mail Removed).
The failure code from authentication protocol Kerberos was "There are
currently no logon servers available to service the logon request.
(0xc000005e)".
Main question is:
Why do workstations in domain A need to send ICMP requests to DCs in domain B?
"Meinolf Weber" wrote:
> Hello Slogan,
>
> I can not really follow your question, do you mean they ping automatically
> another dc? Please go more in detail, when it happens and how the network
> is setup.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
> > Does anyone know why workstations in one domain would be sending echo
> > requests to DC's of another domain? Both domains are in the same
> > forest.
> >
> > Stephen