Re: Kerberos Issues

From: Harini Raghavan \(MSFT\) (harinir_at_online.microsoft.com)
Date: 06/17/03


Date: Tue, 17 Jun 2003 09:50:31 -0700


the ticket expired can happen if there is a time difference in the machine
with the event and who it is presenting the ticket to
The event means the ticket you are presenting to your server has already
expired. Please check if there are time differences

for the second event - the event means the kdc (key distribution center)
does not recognize the target name (it means unknown service principal name)
Was the machine WKS1631150001 part of the domain sphs.com and later got
disconnected etc?

Please refer RFC 1510 (Kerberos) for explanation of these error codes (it
will help in understanding the problem)

thanks
harini

--
This posting is provided "AS IS" with no warranties, and confers no rights.
Any opinions or policies stated within are my own and do not necessarily
constitute those of my employer. Use of included script samples are subject
to the terms
specified at http://www.microsoft.com/info/cpyright.htm
"Nick O'Connor" <nick.oconnor@sphs.com> wrote in message
news:08b801c33409$d9a8e360$a101280a@phx.gbl...
> I get a ton of Kerberos event log items. I have turned on
> the additional event logging to hopefully get more
> information. I will post what I am seeing below, I can't
> seem to find anything useful in the Knowledge Base.
>
> Event Type: Error
> Event Source: Kerberos
> Event Category: None
> Event ID: 4
> Date: 6/16/2003
> Time: 8:14:55 AM
> User: N/A
> Computer: MCKINLEY
> Description:
> The function InitializeSecurityContext received a Kerberos
> Error Message:
>          on logon session
>  Client Time:
>  Server Time: 12:14:55.0000 6/16/2003 (null)
>  Error Code: 0x20 KRB_AP_ERR_TKT_EXPIRED
>  Client Realm:
>  Client Name:
>  Server Realm: SPHS.COM
>  Server Name: krbtgt/SPHS.COM
>  Target Name: krbtgt/SPHS.COM@SPHS.COM
>  Error Text:
>  File:
>  Line:
>  Error Data is in record data.
>
> The second one I see alot is:
>
> Event Type: Error
> Event Source: Kerberos
> Event Category: None
> Event ID: 4
> Date: 6/16/2003
> Time: 8:07:38 AM
> User: N/A
> Computer: MCKINLEY
> Description:
> The function InitializeSecurityContext received a Kerberos
> Error Message:
>          on logon session
>  Client Time:
>  Server Time: 12:7:38.0000 6/16/2003 (null)
>  Error Code: 0x7  KDC_ERR_S_PRINCIPAL_UNKNOWN
>  Client Realm:
>  Client Name:
>  Server Realm: SPHS.COM
>  Server Name: krbtgt/SPHS.COM
>  Target Name: HOST/WKS1631150001@SPHS.COM
>  Error Text:
>  File:
>  Line:
>  Error Data is in record data.
>
> Any help would be appreciated.
>


Relevant Pages

  • Re: Kerberos authentication fails
    ... we had have kerberos log activated yesterday while we test the ... Client Server Name: ... * System Event logs in GPRSServer03 ... Server domain: DISTROMEL.GPRS ...
    (microsoft.public.sqlserver)
  • Re: Kerberos authentication fails
    ... we had have kerberos log activated yesterday while we test the ... Client Server Name: ... * System Event logs in GPRSServer03 ... Server domain: DISTROMEL.GPRS ...
    (microsoft.public.win2000.security)
  • Re: Server not found in Kerberos Database
    ... Server not found in Kerberos Database ... When I am trying to do a kinit on the client, ... I have a KDC on Win2003 and a client which is a Linux is trying = ...
    (comp.protocols.kerberos)
  • RE: Critical Errors in System Log
    ... EventID: 4 Source: Kerberos ... The kerberos client received a KRB_AP_ERR_MODIFIED error from the server ... the kerberos service ticket is different than that on the target server. ...
    (microsoft.public.windows.server.sbs)
  • Service Ticket Request Failure Audit
    ... Service Ticket Request: ... Please make sure that the time between the client and the server ...
    (microsoft.public.windows.server.sbs)