kdc_err_s_principal_unknown

G

g

Can anyone help me? my applications/database server all of a sudden is
getting this error in system event log.
Kerberos Error Message was received:
on logon session InitializeSecurityContext
Client Time:
Server Time:
Error Code: 18:0:26.0000 1/2/2004 (null) 0x7 Extended Error:
KDC_ERR_S_PRINCIPAL_UNKNOWN Client Realm: Client Name: Server Realm:
DOMAIN.CA
Server Name: krbtgt/DOMAIN.CA
Target Name: MSSQLSvc/fsrvsea1.domain.ca:[email protected] Error Text: File:
Line:
Error Data is in record data.

domain.ca=renamed real ad domain name.
 
O

Ozone

This has to do with a server not found in the Kerberos database. Is this
the only error you are getting, and is this the entire event log entry? He
is what I could find about this error on the MS site.

0x7 (KRB_ERR_S_PRINCIPAL_UNKNOWN) "Server not found in Kerberos database"
The KDC could not translate the server principal name from the KDC request
into an account in the Active Directory. Generally, verifying whether the
server account exists and has propagated to the domain controller that
generated the error. Checking Active Directory replication may provides an
indication of why the error occurred. Also if the server is not at least
Windows 2000, there will not be any service principal names registered
because that server is not capable of authenticating with Kerberos. In this
case, this error can be ignored because the client will then switch to NTLM
for authentication.

Ozone.
 
G

g

This has to do with a server not found in the Kerberos database. Is this
the only error you are getting, and is this the entire event log entry? He
is what I could find about this error on the MS site.

0x7 (KRB_ERR_S_PRINCIPAL_UNKNOWN) "Server not found in Kerberos database"
The KDC could not translate the server principal name from the KDC request
into an account in the Active Directory. Generally, verifying whether the
server account exists and has propagated to the domain controller that
generated the error. Checking Active Directory replication may provides an
indication of why the error occurred. Also if the server is not at least
Windows 2000, there will not be any service principal names registered
because that server is not capable of authenticating with Kerberos. In this
case, this error can be ignored because the client will then switch to NTLM
for authentication.

Thanks for the reply, but does it mean the server that the event errors
are generated on is the one not found? This is not happening on the dc's
at all but on my 2k member server that is an application+database server.
an anyone help me? my applications erver all of a sudden is getting this
error in system event log.I do not have any nt4 servers in the domain.ca
but I do have 8 trusts with nt4 domains.

Could it be a missconfigured app?

I do not have a server named
Server Name: krbtgt/DOMAIN.CA
or is it the
Target Name: MSSQLSvc/fsrvsea1.domain.ca:[email protected]
that tells me about the offending server?
fsrvsea1.domain.ca is my app+dbserver where the event is generated.

My system event log is a sea of red on the server of basically the same
message every 10 or so seconds.
Kerberos Error Message was received:
on logon session InitializeSecurityContext
Client Time:
Server Time:
Error Code: 18:0:26.0000 1/2/2004 (null) 0x7 Extended Error:
KDC_ERR_S_PRINCIPAL_UNKNOWN Client Realm: Client Name: Server Realm:
DOMAIN.CA
Server Name: krbtgt/DOMAIN.CA
Target Name: MSSQLSvc/fsrvsea1.domain.ca:[email protected] Error Text: File:
Line:
Error Data is in record data.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

KDC_ERR_S_PRINCIPAL_UNKNOWN 4
kdc_err_s_principal_unknown ? 4
kerberos errors 1
KDC_ERR_S_PRINCIPAL_UNKNOWN 1
Event ID 594 1
What is this telling me? 1
Kerberos Errors 1
Kerberos Error 594 1

Top