I have a MS Cluster with 2 nodes.Every few days they node become unresponsive first one then the other.Unless you reboot the servers you cant access them.When I check the event logs I see the following errrors Event Type:ErrorEvent Source:NETLOGONEvent Category:NoneEvent ID:5719Date:8/30/2008Time:10:24:18 AMUser:N/AComputer:serverDescription:This computer was not able to set up a secure session with a domain controller in domainDomain due to the following: The remote procedure call was cancelled. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. Data:0000: 50 00 02 c0 P.. Event Type:ErrorEvent Source:KerberosEvent Category:NoneEvent ID:7Date:8/30/2008Time:10:24:18 AMUser:N/AComputer:serverDescription:The kerberos subsystem encountered a PAC verification failure. This indicates that the PAC from the client sys_EDMSSQLSNAP(service account)in realm domain had a PAC which failed to verify or was modified. Contact your system administrator. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.Data:0000: 5e 00 00 c0 ^.. Event Type:ErrorEvent Source:NETLOGONEvent Category:NoneEvent ID:5783Date:8/30/2008Time:10:14:18 AMUser:N/AComputer:serverDescription:The session setup to the Windows NT or Windows 2000 Domain Controller \\DC.domain.com for the domaindomain is not responsive. The current RPC call from Netlogon on \\server to \\DC.domain.com has been cancelled. Event Type:WarningEvent Source:LSASRVEvent Category:SPNEGO (Negotiator) Event ID:40960Date:8/30/2008Time:7:24:30 AMUser:N/AComputer:ServerDescription:The Security System detected an authentication error for the server Server. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.(0xc000005e)". I am trying to find out what is causing the issue.The domain controllers are vailable at all time and we dont have any issues with any other servers.I have checked the netowrk and it is fine.Please let me know what else I need to check.thanksEd System Admin

Hi Customer, According to the symptom, it seems that some resources, such as port, pagedpool, etc are exhausted. We may need to analyze the performance monitor log, netlogon.log and network monitor log to locate the root cause. Due to the complexity of this issue, Id like to suggest that you submit a service request to MS Professional tech support service so that a dedicated Support Professional can further assist with this request. We now provide different service offerings to meet diverse customer needs, and we take every service request from our customers seriously no matter which offering (newsgroup, chat, email, phone, etc) is selected. You can select Professional Email-based Support or Professional Phone-based Support. The following web site for more detail of Professional Support Options and incident submission methods is for your reference: http://support.microsoft.com/?LN=en-us&scid=gp;en-us;offerprophone. It was reported that this problem may occur when the available TCP user ports are used out by certain application. If this is the case, you can set the following two values in the registry. However, it is best that you contact CSS and identify the root cause before performing these steps. a. MaxUserPort (set to 65000)http://technet2.microsoft.com/WindowsServer/en/library/730fb465-d402-4853-bacc-16ba78e9fcc01033.mspx?mfr=true Steps to add MaxUserPort 1. Start Registry Editor. 2. Locate the following subkey in the registry, and then click Parameters: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters 3. On the Edit menu, click New, and then add the following registry entry: Value Name: MaxUserPort Value Type: DWORD Value data: 65000 (decimal)4. Quit Registry Editor. Description: This parameter controls the maximum port number that is used when a program requests any available user port from the system. Typically, ephemeral (short-lived) ports are allocated between the values of 1024 and 5000 inclusive. b) TcpTimedWaitDelay (set to 30)http://technet2.microsoft.com/WindowsServer/en/library/38b8bf76-b7d3-473c-84e8-e657c0c619d11033.mspx?pf=true Steps to add TcpTimedWaitDelay 1. Start Registry Editor 2. Locate the following subkey in the registry, and then click Parameters: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters 3. On the Edit menu, click New, and then add the following registry entry: Value Name: TcpTimedWaitDelay Value Type: DWORD Value data: 30 (decimal) 4. Quit Registry Editor.Description: Reducing this value from its default setting of 240 seconds will make ports expire sooner. This parameter determines the length of time that a connection stays in the TIME_WAIT state when it is being closed. While a connection is in the TIME_WAIT state, the socket pair cannot be reused. Hope it helps. David Shen - MSFT