| Author |
Message |
Nerd
Guest
|
 Posted:
Mon Nov 07, 2005 9:50 pm Post subject:
ERROR 930-vpn access |
|
|
My VPN users are not able to connect to active directory when NT4Emulator is
remoed from the domain controller. Error 930 unable to authneticate. The VPN
server is configured to provide DNS and WINS of the, domain controller,
inforamtion when it assigns IP addresses. I have also added the VPN server to
the RAS and IAS Servers local security group. Still the problem presists.
Since this is the first domain controller that I removed NT4emulator, I have
temporarly stopped the netlogin service until I can figure out what the
problem and resolve. Any assistance would be appreciated. |
|
| Back to top |
|
 |
Paul Williams [MVP]
Guest
|
| Posted:
Tue Nov 08, 2005 9:51 am Post subject:
Re: ERROR 930-vpn access |
|
|
What OS and SP level are the DCs? 2003 SP1?
Also, is all traffic allowed through the VPN?
In addition, are you sure DNS is OK? Do you also have public DNS servers
listed? Does one of the following commands work?
nltest /dsgetdc:domain-name.com
nslookup -type=srv _ldap._tcp.dc._msdcs.domain-name.com
--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net |
|
| Back to top |
|
|
Nerd
Guest
|
| Posted:
Tue Nov 08, 2005 5:51 pm Post subject:
Re: ERROR 930-vpn access |
|
|
The OS is 2003 with SP 1. There are no public DNS servers listed. I will try
the commands and let you know. Thanks
"Paul Williams [MVP]" wrote:
| Quote: | What OS and SP level are the DCs? 2003 SP1?
Also, is all traffic allowed through the VPN?
In addition, are you sure DNS is OK? Do you also have public DNS servers
listed? Does one of the following commands work?
nltest /dsgetdc:domain-name.com
nslookup -type=srv _ldap._tcp.dc._msdcs.domain-name.com
--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net
|
|
|
| Back to top |
|
|
Nerd
Guest
|
| Posted:
Wed Nov 09, 2005 5:50 pm Post subject:
Re: ERROR 930-vpn access |
|
|
Here is a sample result for for all DCs
C:\Program Files\Support Tools>nslookup -type=srv
_ldap._tcp.dc._msdcs.domain.name
*** Server: servername.domain.name
Address: 192.6.8.23
_ldap._tcp.dc._msdcs.domain.name SRV service location:
priority = 0
weight = 100
port = 389
svr hostname = servername.domain.name
C:\Program Files\Support Tools>nltest /dsgetdc:domain.name
DC: \\servername.domain.name
Address: \\192.6.8.22
Dom Guid: 90221a10-764f-4ce0-809e-5e5lb2da41d4
Dom Name: domain.name
Forest Name: domain.name
Dc Site Name: corp
Our Site Name: corp
Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC
DNS_DOMAIN DNS_FOREST CLOSE_SIT
E
The command completed successfully
"Nerd" wrote:
| Quote: | The OS is 2003 with SP 1. There are no public DNS servers listed. I will try
the commands and let you know. Thanks
"Paul Williams [MVP]" wrote:
What OS and SP level are the DCs? 2003 SP1?
Also, is all traffic allowed through the VPN?
In addition, are you sure DNS is OK? Do you also have public DNS servers
listed? Does one of the following commands work?
nltest /dsgetdc:domain-name.com
nslookup -type=srv _ldap._tcp.dc._msdcs.domain-name.com
--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net
|
|
|
| Back to top |
|
|
Paul Williams [MVP]
Guest
|
| Posted:
Thu Nov 10, 2005 1:51 am Post subject:
Re: ERROR 930-vpn access |
|
|
Hmmm. DNS is good then. This suggests an issue with the VPN setup. This
is difficult for me to troubleshoot now, as I don't know how this is setup.
Check the VPN setup, and come back with a description as to how this is
working.
--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in