S
Steve F
I have been getting constant Kerberos errors in the Event
Logs on the Domain Controllers. We are a WIN2k, mixed
mode Domain & just decomissioned our last NT BDC and are
getting ready to switch to Native mode.
I was originally getting the following error in the
Security Log:
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 537
Date: 12/10/2003
Time: 12:32:50 PM
User: NT AUTHORITY\SYSTEM
Computer: DOMAINCONTROLLER4
Description:
Logon Failure:
Reason: An unexpected error occurred
during logon
User Name:
Domain:
Logon Type: 3
Logon Process: Kerberos
Authentication Package: Kerberos
Workstation Name:
I then enabled Kerberos error logging via the Registry on
1 DC & then got this error in the SYSTEM LOG :
Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 594
Date: 12/10/2003
Time: 11:28:38 AM
User: N/A
Computer: DOMAINCONTROLLER4
Description:
A Kerberos Error Message was received:
on logon session InitializeSecurityContext
Client Time:
Server Time:
Error Code: 16:28:38.0000 12/10/2003 (null) 0x7
Extended Error: KDC_ERR_S_PRINCIPAL_UNKNOWN
Client Realm:
Client Name:
Server Realm: MYDOMAIN.COM
Server Name: krbtgt/MYDOMAIN.COM
Target Name: HOST/[email protected]
Error Text:
File:
Line:
I know that the error refers to a server not being in the
Kerberos database but what server? I know that the
Target mentioned here ( HOST/[email protected] ) is
a legitimate server in my domain. I have received 2 of
these detailed messages ( only had Kerberos logging on
for a short time) both errors are the same with different
Target Names. The Audit failures in the Security Logs
happen every few seconds constantly.
Can I view the kerberos DB? Can I update it somehow?
Thanks,
Steve
Logs on the Domain Controllers. We are a WIN2k, mixed
mode Domain & just decomissioned our last NT BDC and are
getting ready to switch to Native mode.
I was originally getting the following error in the
Security Log:
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 537
Date: 12/10/2003
Time: 12:32:50 PM
User: NT AUTHORITY\SYSTEM
Computer: DOMAINCONTROLLER4
Description:
Logon Failure:
Reason: An unexpected error occurred
during logon
User Name:
Domain:
Logon Type: 3
Logon Process: Kerberos
Authentication Package: Kerberos
Workstation Name:
I then enabled Kerberos error logging via the Registry on
1 DC & then got this error in the SYSTEM LOG :
Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 594
Date: 12/10/2003
Time: 11:28:38 AM
User: N/A
Computer: DOMAINCONTROLLER4
Description:
A Kerberos Error Message was received:
on logon session InitializeSecurityContext
Client Time:
Server Time:
Error Code: 16:28:38.0000 12/10/2003 (null) 0x7
Extended Error: KDC_ERR_S_PRINCIPAL_UNKNOWN
Client Realm:
Client Name:
Server Realm: MYDOMAIN.COM
Server Name: krbtgt/MYDOMAIN.COM
Target Name: HOST/[email protected]
Error Text:
File:
Line:
I know that the error refers to a server not being in the
Kerberos database but what server? I know that the
Target mentioned here ( HOST/[email protected] ) is
a legitimate server in my domain. I have received 2 of
these detailed messages ( only had Kerberos logging on
for a short time) both errors are the same with different
Target Names. The Audit failures in the Security Logs
happen every few seconds constantly.
Can I view the kerberos DB? Can I update it somehow?
Thanks,
Steve