No Logon Servers error with FreeRADIUS + NTLM

[Knut Ingvald Dietzel]

On Thu, May 08, 2014 at 02:11:29PM +0000, Stefan Paetow wrote:
> Hi,

Hi, Stefan et al.

> I know this is not a problem with FreeRADIUS, however, there are
> several people on this list who run FreeRADIUS with Active Directory
> as a back end and I need their advice on this.
> 
> I've run into the dreaded "No logon servers (0xc000005e)" error with
> NTLM. In the past I've found that the computer password for the server
> expired on AD and that it was either fixed by rejoining, or by
> tweaking the password's expiry.
> 
> Do any AD folk on the list know what we can do to get this stable and
> that this does not occur again? Any ideas will be very useful.

I have also been hit by 0xc000005e. I had two mistakes in my setup that
I believe contributed to the issue:

1. I had specified a "password server" with a FQHN instead of ensuring
that they are automatically located by specifying "*" instead in
"/etc/samba/smb.conf".

2. I had too long hostnames for AD DNS (more than 12 characters), that
gave truncated entries. So that hostname on the server and DNS did not
match. Partial matching reference:

<URL:http://blogs.technet.com/b/askpfeplat/archive/2013/01/28/quick-reference-troubleshooting-netlogon-error-codes.aspx#_Toc345694514>


-- 
Best regards,
Knut
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20160219/07800257/attachment.sig>