Kerberos Error Getting Ticket From Domain: krb5kdc_err_s_principal_unknown
- From: "Will" <westes-usc@xxxxxxxxxxxxxx>
- Date: Fri, 23 Jun 2006 00:34:52 -0700
Member server A is contacting domain controller my-dc1 in domain
hq.corp.com. What I am seeing in the sniffer trace is that the member
server asks the my-dc1 domain controller in its role as a Kerberos ticket
granter for a ticket to the domain (i.e., krbtgt/hq.corp.com). The domain
controller is returning krb5kdc_err_s_principal_unknown. That can't be
good? What is the expected result when a member server asks for a ticket
for the entire domain?
The following line in the trace shows the member server asking for the
Kerberos ticket for the domain controller krbtgt/my-dc1 and this it does
obtain.
What would cause the domain controller to not recognize its own domain in
the Kerberos ticket request?
--
Will
.
- Follow-Ups:
- Re: Kerberos Error Getting Ticket From Domain: krb5kdc_err_s_principal_unknown
- From: Roger Abell [MVP]
- Re: Kerberos Error Getting Ticket From Domain: krb5kdc_err_s_principal_unknown
- Prev by Date: Re: Create Folders permission
- Next by Date: Re: Domain user login script execution.
- Previous by thread: Remote PERFMON or IPC$
- Next by thread: Re: Kerberos Error Getting Ticket From Domain: krb5kdc_err_s_principal_unknown
- Index(es):
Relevant Pages
|
