event id 40960 lsasrv when creating forest trusts relationships

Hi!

I was at a costumer who needed to have a bi-directional Trust relationships with diferent forests. One forest 2008 R2 and other 2003.

Every forest had one DC with the same netbios name and I created the Trust relationships fine but when I click on Verify an alert appeared saying that “The secure channel (SC) verification on domain controller \\SRVAAAAA of domain AAAAA.local to domain BBBBB.local failed with error: Access is denied.”

The event viewer show the warning event id 40960 lsasrv

The Security System detected an authentication error for the server <service>/<server name>. The failure code from authentication protocol Kerberos was “<error description> (<error code>)”.

The solution for me was to rename one of the Dcs.

Here you can find more info about the problem:

http://technet.microsoft.com/en-us/library/cc784334.aspx

http://blogs.technet.com/b/askds/archive/2009/04/10/name-suffix-routing.aspx

Regards!

Anuncios

Responder

Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión / Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión / Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión / Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión / Cambiar )

Conectando a %s