NetLogon error 5805

Archived from groups: microsoft.public.win2000.active_directory (More info?)

I have a forest with several child domains, distributed over several sites, with
nearly every site having its own child domain.

As for site 1 & site 2, everything is working fine, but at site 3 I have a
strange problem: when I try logging on with the EA account I get access denied, and
this error is also registered in the application event log of the parent
server (netlogon error 5805 - The session setup from the computer [child]
failed to authenticate. The following error occurred: Access is denied.)

Also, running dcdiag /fix on the child, it failed the knowsOfRoleHolders test with
the following:
[parent] is the schema owner but is not responding to LDAP bind.
[parent] is the domain owner but is not responding to LDAP bind / DS RPC bind.

Active Directory replication is OK, DNS is OK, WINS, Dnslint ...etc. Shared
files, Exchange, accessing the database on the parent server all work fine,
a little slow but they work.

As for site 1 & 2, IP site links are working fine, but for site 1 & 3 IP links
work from parent to child but fail from child to parent & the SMTP site link is
used instead.

Please, I need help.

--
Eng. M William
 
Archived from groups: microsoft.public.win2000.active_directory (More info?)

Is there an internal firewall in place?

--
Regards
Christoffer Andersson
Microsoft MVP - Directory Services

No email replies please - reply in the newsgroup
------------------------------------------------
http://www.chrisse.se - Active Directory Tips

 
Archived from groups: microsoft.public.win2000.active_directory (More info?)

Yes, and I have checked and tried telnet on ports 389 & 53; both responded both
ways. Is there another way to test?

 
Archived from groups: microsoft.public.win2000.active_directory (More info?)

Have a look at these articles below:

Active Directory in Networks Segmented by Firewalls:
http://www.microsoft.com/downloads/details.aspx?FamilyID=c2ef3846-43f0-4caf-9767-a9166368434e&DisplayLang=en

Restricting Active Directory Replication Traffic to a Specific Port:
http://support.microsoft.com/default.aspx?scid=kb;en-us;224196

--
Regards
Christoffer Andersson
Microsoft MVP - Directory Services

No email replies please - reply in the newsgroup
------------------------------------------------
http://www.chrisse.se - Active Directory Tips

 
Archived from groups: microsoft.public.win2000.active_directory (More info?)

I went through both links, thanks. I have even found myself another one
[Active Directory replication over firewalls]. Though I went & opened all the ports
described in that article, I still failed, but when I changed the site links
from IP to SMTP, replication worked fine, and the netlogon error was replaced
with a new one: netlogon error 5723 [the session setup from computer 'child'
failed because the security database does not contain a trust account
'child$' referenced by the specified computer].

I still can't log on to the DC with EA and still fail dcdiag in the
knowsOfRoleHolders test in the schema & domain owner tests.

Do you still think it is a firewall problem? Is there a tool I could use to
test the firewall, whether it's filtering the AD data? Could I trace the
authentication data and see where it's failing? Does having a high-latency (ping
is 400-800 ms) network cause such a problem?


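An added example, not part of any post in this thread: a TCP reachability check to run from the child DC toward the parent, covering the standard Active Directory service ports rather than only the 389 and 53 tested with telnet. The host name is a placeholder and the port list is the well-known defaults, which is an assumption about this environment.

```python
import socket

# Well-known TCP ports used between domain controllers (defaults; an
# assumption here, since the thread does not list the site's firewall rules).
AD_TCP_PORTS = {
    53: "DNS",
    88: "Kerberos",
    135: "RPC endpoint mapper",
    389: "LDAP",
    445: "SMB (NETLOGON/SYSVOL shares, named pipes)",
    636: "LDAP over SSL",
    3268: "Global catalog",
}


def probe(host, port, timeout=3.0):
    """Return 'open', 'refused' or 'filtered' for one TCP port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        # The host answered with a reset: reachable, but nothing is listening.
        return "refused"
    except OSError:
        # Timeout or unreachable: what a silently dropping firewall looks like.
        return "filtered"


def check_dc(host, ports=AD_TCP_PORTS, timeout=3.0):
    """Probe every port and return {port: (service, state)}."""
    return {p: (name, probe(host, p, timeout)) for p, name in ports.items()}


def blocked(results):
    """Sorted list of ports that did not accept a connection."""
    return sorted(p for p, (_, state) in results.items() if state != "open")


if __name__ == "__main__":
    import sys
    # Placeholder host name; pass the parent DC's name as the first argument.
    target = sys.argv[1] if len(sys.argv) > 1 else "parent.example.test"
    results = check_dc(target)
    for port, (name, state) in sorted(results.items()):
        print(f"{port:>5}  {state:<8}  {name}")
    print("not reachable:", blocked(results) or "none")
```

An open port 135 only shows that the endpoint mapper is reachable; the directory service and Netlogon RPC interfaces are then reached on dynamically assigned ports unless they are pinned as in the "Restricting Active Directory Replication Traffic to a Specific Port" article linked above. On a link with 400-800 ms round trips, raise `timeout` so that slow answers are not reported as filtered.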
 
