iT邦幫忙

0

Server 2003 System Log Souse LsaSrv ID 6035

因使用遠端桌面,連線至Server 2003,發現在輸入帳號與密碼後,畫面只會閃一下,而無法進入遠端電腦,至該遠端電腦,以本機方式登入系統,確認可正常登入,經檢查Even Log發現,在System Log會出現來源為KsaSrv ID碼為6035之錯誤訊息,其Log內容如下:
在登入過程中,使用者的安全性內容累積太多識別碼,這是不尋常的狀況,請從一些通用或本機群組中,移除使用者來減少安全性識別碼的數目,以便傳入安全性內容中
目前嘗試過,把安全性 Log清除,以及檢查相關帳號之設定,皆無法修復,但若是將主機重新啟動,則會恢復正常
OS:Windows Server 2003 R2 For 32 Bit,未Join Domain
H/W IBM X3550 Server

16
why0412
iT邦新手 3 級 ‧ 2009-10-16 15:24:37

http://www.eventid.net 查看看event log的解決方法

14
12
marshuang
iT邦新手 1 級 ‧ 2010-01-11 09:30:35

http://download.microsoft.com/download/8/f/3/8f36dfe4-47d0-4775-ad5a-5614384921aa/AccessTokenLimitation.doc
微軟曾對此問題整理文件說明
he access token limitation is particularly problematic for domain controllers. A domain controller which has reached the access token limitation is no longer able to authenticate with other domain controllers, resulting in services such as replication no longer functioning.
If a replication failure on a domain controller occurs due to an access token limitation problem, errors such as the following appear in the Event Log:
• System
• Source: LSASRV
• EventID: 6035
• Message text:
During a logon attempt, the user’s security context accumulated too many security IDs. This is a very unusual situation. Remove the user from some global groups to reduce the number of security IDs to incorporate into the security context.
User's SID is S-1-5-18
If this is the Administrator account, logging on in safe mode will enable Administrator to log on by automatically restricting group memberships.
For Event 6035, you receive more than one of these System errors. You get multiple errors for the Domain Controllers group which is locked out and errors for the specific domain controller which had the access token limitation problem. In the message text above, the number in "User's SID is S-1-5-18" is a variable unique to each domain controller.

我要發表回答

立即登入回答