Since the user changed his password the following error/warning messages are
appearing in the DC logs. My guess is that something, somewhere has retained
his old password and is attempting to access Group Policies every two hours.
What is it that is attempting to do this and how do I persuade it to use the
new password? This occurs when the user has logged off the network and
shut their workstation down. The error only occurs when the user is NOT
logged on the the network!
System Event Log - every 2 hours (approx)
Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40960
Date: 22/01/2007
Time: 06:57:53
User: N/A
Computer: SENIOR
Description:
The Security System detected an authentication error for the server
ldap/senior.sion_domain.local/sion_domain.local@sion_domain.local. The
failure code from authentication protocol Kerberos was "The attempted logon
is invalid. This is either due to a bad username or authentication
information.
(0xc000006d)".
Application Event Log - every 2 hours (approx)
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1030
Date: 22/01/2007
Time: 08:45:54
User: SION_DOMAIN\username
Computer: SENIOR
Description:
Windows cannot query for the list of Group Policy objects. Check the event
log for possible messages previously logged by the policy engine that
describes the reason for this.
(The username has been altered to protect the guilty)
|
Similar Threads
Linear Mode
