Exchange Management Console Unable to Connect to Active Directory with Event ID 40960

  • Article

Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

 

This topic provides information about how to troubleshoot the Exchange Management Console if is unable to connect to Active Directory with Event ID 40960.

If this error occurs, event log errors are generated with the following information:

Event ID: 40960

Event Source: LSASRV

Event Type: Warning

Description: The Security System detected an authentication error for the server ldap/WORKSTATION1.  The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request."

This issue can be caused by the following:

  • Kerberos authentication is not available or is not working correctly between the administrative workstation and the domain controller.

  • The Kerberos protocol requires that all computer clocks be synchronized to within five minutes of each other.

  • The administrative workstation is not a member of a domain, or there is a problem with its domain membership.

  • An invalid user name or password has been stored on the administrative workstation for use when connecting to a particular domain controller. This stored credential is overriding your current logon credentials. In Microsoft Windows Server 2003, you can store credentials by using the Stored User Names and Passwords applet in Control Panel.

  • Intermittent network connectivity issues.

Before You Begin

To perform this procedure, the account you use must be delegated membership in the local Administrators group. For more information about permissions, delegating roles, and the rights that are required to administer Microsoft Exchange 2007, see Permission Considerations.

Resolution

To resolve the problem, do one or all of the following: