Re: Kerberos Tickets
- From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 28 Dec 2005 13:00:17 -0600
It is possible that the client computer can not find the domain controller
because of DNS problems with the client and/or domain controller. Read the
link below on Active Directory DNS FAQ to make sure your DNS is correctly
configured in the domain and NEVER use and ISP DNS server as a preferred DNS
server for any domain computer. Also use the support tools netdiag on any
domain computer and dcdiag on domain controllers only for further
troubleshooting of problems including DNS, dc discovery, secure channel, and
much more and look in the logs of the computers involved to see if any
pertinent errors/warnings are found. Domain computers also need to be kept
in synch time wise which should be done automatically. --- Steve
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382
http://support.microsoft.com/default.aspx?scid=kb;en-us;321708 --- netdiag
and support tools
"Brady" <Brady@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:CD175C37-0C46-46C1-8D78-9E5637BA4C86@xxxxxxxxxxxxxxxx
>I am looking for any information on a network event/anomaly that would help
> explain why a Kerberos ticket would expire or go stale. Our understanding
> is
> that if a domain controller is not avaialble for a period of time or
> unavailable at the time of login it could create this scenario. The
> question
> posed is what would create this behavior, being there was no indication
> that
> the DC was unavailable?
.
- Prev by Date: Re: Different Password age
- Next by Date: Re: Different Password age
- Previous by thread: Different Password age
- Next by thread: how to block msn files transfer ?
- Index(es):
Relevant Pages
|
|
