You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: support/windows-server/active-directory/domain-join-error-0x40-the-specified-network-name-is-no-longer-available.md
+22-1Lines changed: 22 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -39,7 +39,7 @@ NetpJoinDomainOnDs: Function exits with status of: 0x40
39
39
This issue occurs when either of the following conditions is met:
40
40
41
41
- A WAN accelerator device responds to acknowledge the TGS request package, but the response does not arrives at the Key Distribution Center (KDC). Generally, IP Time to Live (TTL) frame fields have values of 64 or lower because this is the TTL used by Unix-like devices, and WAN accelerators are generally based on Linux.
42
-
- A network device such as a firewall between the client and the DC dropped the KDC response. You can find more details in the concurrent network trace of the DC traffic.
42
+
- A network device such as a firewall between the client and the Domain Controller (DC) dropped the KDC response. You can find more details in the concurrent network trace of the DC traffic.
43
43
44
44
## Troubleshooting
45
45
@@ -79,4 +79,25 @@ Here's an example of a network trace:
> A full understanding of the behavior needs a trace from the DC network, it may also clarify why the client does not reset the session earlier. The following is what we can tell about the failure:
86
+
87
+
In frames 1541, 1542 and 1545 the client first retransmits the TCP segment and then lowers the size of the frame. The data in frame 1545 is acknowledged in frame 1546.
88
+
89
+
The client continues to send data until the last segment in 1550 with Push bit and last byte 1299631114. This is acknowledged by the server in frame 1555.
90
+
91
+
In the meantime, the client sends another request to the serve in frames 1552 and 1556, last byte 1299632506. This is acknowledged by the server in frame 1558.
92
+
93
+
But until the client decides to terminate the session, there is just a single message from the server (frame 1553). The sequence number that make it to the client indicate the server does send other data, from the sequence numbers:
94
+
95
+
```output
96
+
2785282676 first in frame 1540
97
+
2785284426 first in frame 1555
98
+
2785284136 first in frame 1563
99
+
```
100
+
101
+
The last sequence number is lower than the one the server sends in frame 1555. The client never saw this data and thus acknowledges 2785282676 throughout the network trace. This is a direct indication of problems with the correct flow of network traffic.
102
+
82
103
From the trace, you can find the DC doesn't respond to the Ticket Granting Service (TGS) request from the client for the Service Principal Name (SPN) `CIFS/DC1.ADATUM.COM`. It sends back a TCP acknowledgment, which suggests the DC received the TGS request. However, it doesn't reply with a valid TGS response. Finally, the client terminates the TCP connection.
0 commit comments