Re: Kerberos and Service Ticket Failure nightmares

From: Karl Levinson [x y] mvp (levinson_k@excite.com)
Date: 01/22/03

• Next message: Karl Levinson [x y] mvp: "Re: Password Problems"
• Previous message: Karl Levinson [x y] mvp: "Re: LOST PASWORD"
• In reply to: Mike: "Kerberos and Service Ticket Failure nightmares"
• Next in thread: Ondřej Ševeček: "Re: Kerberos and Service Ticket Failure nightmares"
• Reply: Ondřej Ševeček: "Re: Kerberos and Service Ticket Failure nightmares"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Karl Levinson [x y] mvp" <levinson_k@excite.com>
Date: Tue, 21 Jan 2003 20:23:16 -0500

I can't think of anything except to check the time on the workstation and
server, and possibly also the time zones on both.

"Mike" <hartnettmmd@hotmail.com> wrote in message
news:03c201c2c19a$7901ca40$d4f82ecf@TK2MSFTNGXA11...
> Hi All,
> I have W2K Servers SP3 that generate hundreds of Event 677
> Failure Code 0x20. The net effect is that users cant
> change their passwords without having the computer account
> reset. To try and get around this problem i have scheduled
> a batch that resets computer accounts hourly using Netdom.
> From what i gather a password change requests the Service
> Ticket Update prior to granting access to Security
> Accounts Manager , intern allowing a users account to be
> changed. If that part fails then access to SAM fails, and
> user cant change their password.
> The computer account reset works most of the time but not
> always. I know this is a Kereberos issue, but the solution
> escapes me.
>
> Would appreciate any suggestions, this is driving me nuts.
> Thanks,
> Mike

• Next message: Karl Levinson [x y] mvp: "Re: Password Problems"
• Previous message: Karl Levinson [x y] mvp: "Re: LOST PASWORD"
• In reply to: Mike: "Kerberos and Service Ticket Failure nightmares"
• Next in thread: Ondřej Ševeček: "Re: Kerberos and Service Ticket Failure nightmares"
• Reply: Ondřej Ševeček: "Re: Kerberos and Service Ticket Failure nightmares"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Kerberos and Service Ticket Failure nightmares ... The net effect is that users cant ... If that part fails then access to SAM fails, ... The computer account reset works most of the time but not ... (microsoft.public.win2000.security) Re: Kerberos and Service Ticket Failure nightmares ... Description: Service Ticket Request Failed: ... The net effect is that users cant ... >> change their passwords without having the computer account ... >> The computer account reset works most of the time but not ... (microsoft.public.win2000.security) Re: Reset computer account ... > There are user account objects just like there are computer account objects. ... > The computer account objects have a secure channel with a Domain Controller. ... > Microsoft gives us the ability to reset that secure channel. ... (microsoft.public.win2000.active_directory) Re: Trust Relationship Between 2 Domains ... secondary DNS servers. ... will need to rejoin the PC to the domain. ... I suggest you to reset computer account. ... (microsoft.public.windows.server.migration) Re: Cannot Logon to Domain, only new PC ... Once you reset the computer account in AD Users and Computers you have to ... >>the server. ... Rejoin the domain. ... (microsoft.public.win2000.active_directory)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint