No authentication protocol was available

I have an old Windows 2003 Server that was formerly a doprimary controller, yet has been demoted. I haven"t eliminated it yet due to other functions that we need it for. But I keep seeing this error popping up in Event Viewer referencing the brand-new DC"s which are running Server 2012 R2.

You watching: No authentication protocol was available

"The Security System detected an authentication error for the server ldap/
xxx.DOMAIN. The faitempt code from authentication protocol Kerberos was "The attempted logon is invalid. This is either due to a bad username or authentication indevelopment. (0xc000006d)"."

I run a dcdiag on the brand-new DC"s and whatever checks out including ldap tests. I"m not seeing anypoint inexplicable that I can tell in Event Viewer on the new DC"s. Is this something I must be pertained to about?


We rebooted the server and this worry shows up to have actually gone amethod. I may have actually had actually an open up session under my credentials via an expired password. Either method, it"s refixed now.



I did a little of digging and uncovered this, I"m not sure if this will certainly work-related or not but it appears to have operated for others:

From this MS KB:

To solve this problem, follow these steps:Run the adhering to command also on the root domain controllers of the parent domajor and of the kid doprimary. This command also resets the trust connection in between the parent and son doprimary.

See more: How To Fix File System Error (-8053, Top 7 Methods To Repair File System Error

Netdom trust trusting_domain_name /Domain:trusted_domain_name /UserD:user /PasswordD:* /UserO:user /PasswordO:* /reset

NotesThe trusting_domain_name placeholder represents the name of the trusting domajor.The trusted_domain_name placeholder represents the name of the trusted doprimary.The user placeholder in the /UserD:user parameter represents the user account that connects to the trusted domajor.The user placeholder in the /UserO:user parameter represents the user account that connects to the trusting domain.Exreadjust the designated domain names in the trusting_domain_name and also trusted_domain_name parameters from step 1, and also then run the Netdom trust command also again.

Note Steps 1 and 2 recollection both directions of the trust.Let the parent and kid doprimary controllers replicate the changes.Restart the root doprimary controllers of the parent doprimary and also of the child domajor. Refounding these doprimary controllers gets rid of the Kerberos tickets.

See more: Standard Dual Channel Pci Ide Controller Driver, Finding The Latest

Keep in mind You have the right to additionally use the Kerbtray tool to remove the Kerberos tickets. The Kerbtray tool is had in the Windows Server 2003 Resource Kit Tools package.