Re: Kerberos Issues

From: Rainer Gerhards (rgerhards_at_adiscon.com)
Date: 06/16/03

• Next message: enn: "Calculate users workingtime"
• Previous message: Rick: "Sign on at Administartor"
• In reply to: Nick O'Connor: "Kerberos Issues"
• Next in thread: Harini Raghavan \(MSFT\): "Re: Kerberos Issues"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 16 Jun 2003 17:28:24 +0200

The 0x7 error code makes me believe that eventually there is some problem
with AD replication. We had a similar 0x6 error code this morning ... we are
still troubleshooting, but as it looks it was due to bad replication.

Just my 2ct, not sure if it helps ;)

Rainer

"Nick O'Connor" <nick.oconnor@sphs.com> schrieb im Newsbeitrag
news:08b801c33409$d9a8e360$a101280a@phx.gbl...
> I get a ton of Kerberos event log items. I have turned on
> the additional event logging to hopefully get more
> information. I will post what I am seeing below, I can't
> seem to find anything useful in the Knowledge Base.
>
> Event Type: Error
> Event Source: Kerberos
> Event Category: None
> Event ID: 4
> Date: 6/16/2003
> Time: 8:14:55 AM
> User: N/A
> Computer: MCKINLEY
> Description:
> The function InitializeSecurityContext received a Kerberos
> Error Message:
> on logon session
> Client Time:
> Server Time: 12:14:55.0000 6/16/2003 (null)
> Error Code: 0x20 KRB_AP_ERR_TKT_EXPIRED
> Client Realm:
> Client Name:
> Server Realm: SPHS.COM
> Server Name: krbtgt/SPHS.COM
> Target Name: krbtgt/SPHS.COM@SPHS.COM
> Error Text:
> File:
> Line:
> Error Data is in record data.
>
> The second one I see alot is:
>
> Event Type: Error
> Event Source: Kerberos
> Event Category: None
> Event ID: 4
> Date: 6/16/2003
> Time: 8:07:38 AM
> User: N/A
> Computer: MCKINLEY
> Description:
> The function InitializeSecurityContext received a Kerberos
> Error Message:
> on logon session
> Client Time:
> Server Time: 12:7:38.0000 6/16/2003 (null)
> Error Code: 0x7 KDC_ERR_S_PRINCIPAL_UNKNOWN
> Client Realm:
> Client Name:
> Server Realm: SPHS.COM
> Server Name: krbtgt/SPHS.COM
> Target Name: HOST/WKS1631150001@SPHS.COM
> Error Text:
> File:
> Line:
> Error Data is in record data.
>
> Any help would be appreciated.
>

• Next message: enn: "Calculate users workingtime"
• Previous message: Rick: "Sign on at Administartor"
• In reply to: Nick O'Connor: "Kerberos Issues"
• Next in thread: Harini Raghavan \(MSFT\): "Re: Kerberos Issues"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Kerberos Issues ... The function InitializeSecurityContext received a Kerberos ... Client Realm: ... Server Realm: SPHS.COM ... Error Data is in record data. ... (microsoft.public.win2000.security) Trusted domain not show in "Entire Directory" list. ... Client Realm: ... Server Realm: OLD_DOMAIN.COM ... Error Data is in record data. ... (microsoft.public.windows.server.active_directory) Re: Event ID 4 ... Jeff wrote: ... > The function InitializeSecurityContext received a Kerberos ... > Client Realm: ... (microsoft.public.win2000.security) Event ID: 3 Kerberos weird errors... ... Client Realm: ... Server Realm: ABC.COM ... Error Data is in record data. ... (microsoft.public.windows.server.security) RE: [FATAL] Kerberos does not have a ticket for <any of my servers> ... | I'm having Kerberos Issues!!! ... | the kerberos service ticket is different than that on the target server. ... | realm, and the client realm. ... (microsoft.public.win2000.active_directory)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint