User account lockout with LSASRV errors

[profit]

A user is getting there domain account locked out every couple of hours with the following event log errors:

Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40961
Date: 17/07/2003
Time: 18:20:18
User: N/A
Computer: HIGGS
Description:
The Security System could not establish a secured connection with the server LDAP/remus.prophet.co.uk. No authentication protocol was available.

and:

Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40960
Date: 17/07/2003
Time: 18:20:18
User: N/A
Computer: HIGGS
Description:
The Security System detected an attempted downgrade attack for server LDAP/remus.prophet.co.uk. The failure code from authentication protocol Kerberos was "The user account has been automatically locked because too many invalid logon attempts or password change attempts have been requested.
(0xc0000234)".

 

[ReddLefty]

Make sure you have a SVR record in your DNS that points to a Windows 2000 Service that is tied into Active Directory.



"In space, nobody can hear you click..."

 

[profit]

All the LDAP severce locations are setup in the DNS. I am using the DNS that comes with Windows 2000. This is only a problem on one PC at the moment , though it would have to be the MD,s.