kerberos

F

fering

Hi ,

I get these errors on windows 2003 servers that are in cluster, my domain
controler is windows 2000.
Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 3
Date: 11/24/2003
Time: 5:10:41 PM
User: N/A
Computer: TA_MSMQ_2
Description:
A Kerberos Error Message was received:
on logon session
Client Time:
Server Time: 15:10:41.0000 11/24/2003 Z
Error Code: 0xe KDC_ERR_ETYPE_NOTSUPP
Extended Error:
Client Realm:
Client Name:
Server Realm: MEDIAllLAB.COM
Server Name: krbtgt/MEDIllllllALAB.COM
Target Name:
Error Text:
File: 9
Line: ab8
Error Data is in record data.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


Any idea ?

Thanks
Danny
 
I

IBTerry [MSFT]

Here is what that error means....
0xE (KDC_ERR_ETYPE_NOTSUPP) "KDC has no support for the encryption type"
------------------------------------------------------------------------
The client tried to use an encryption type that the KDC does
not support, for any of the following reasons:

- The client's account does not have a key of the appropriate
encryption type.

- The KDC (cross-realm trust) account does not have a key of the
appropriate encryption type.

- The requested server account does not have a key of the appropriate
encryption type.

- The type may not be recognized at all, for example, if a new type is
introduced. This happens most frequently with MIT compatibility, where
an account may not yet have an MIT compatible key. Generally, a
password change must occur for the MIT-compatible key to be available.

Do you have any UNIX kerberos in your environment?

IBTerry [MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights.
 
F

fering

No, thats the strange thing all i have is windows 2000 domain controler
but these errors are on windows 2003 server that are used in cluster with
msmq on them
Is thier a problem between 2003 & 2000 ?


Thanks
Danny
 
G

Guest

I am having the exact same issue in the same situation. Here is some info on my situation. Luna is my server, and I have replaced the domain with "mydomain" and if it is an FQDN I have typed "mydomain.com

If I run netdiag on the Server 2003 member server, the Kerberos Test fails with the following: [FATAL] Kerberos does not have a ticket for host/luna.mydomain.com At that time, I have the following events logged as I have turned on Kerberos Logging on this member server

Event Type: Erro
Event Source: Kerbero
Event Category: Non
Event ID:
Date: 11/26/200
Time: 9:21:30 A
User: N/
Computer: LUN
Description
A Kerberos Error Message was received
on logon session
Client Time:
Server Time: 14:21:30.0000 11/26/2003
Error Code: 0x7 KDC_ERR_S_PRINCIPAL_UNKNOW
Extended Error:
Client Realm:
Client Name:
Server Realm: MYDOMAIN.CO
Server Name: krbtgt/MYDOMAIN.CO
Target Name: cifs/[email protected]
Error Text:
File:
Line: ab
Error Data is in record data

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp

----------------------------------------------------------------------------------------

Event Type: Erro
Event Source: Kerbero
Event Category: Non
Event ID:
Date: 11/26/200
Time: 9:21:30 A
User: N/
Computer: LUN
Description
A Kerberos Error Message was received
on logon session
Client Time:
Server Time: 14:21:30.0000 11/26/2003
Error Code: 0xe KDC_ERR_ETYPE_NOTSUP
Extended Error:
Client Realm:
Client Name:
Server Realm: MYDOMAIN.CO
Server Name: krbtgt/MYDOMAIN.CO
Target Name: host/[email protected]
Error Text:
File:
Line: ab
Error Data is in record data

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp

----------------------------------------------------------------------------------------

Event Type: Erro
Event Source: Kerbero
Event Category: Non
Event ID:
Date: 11/26/200
Time: 9:34:03 A
User: N/
Computer: LUN
Description
A Kerberos Error Message was received
on logon session
Client Time:
Server Time: 14:34:3.0000 11/26/2003
Error Code: 0x7 KDC_ERR_S_PRINCIPAL_UNKNOW
Extended Error:
Client Realm:
Client Name:
Server Realm: MYDOMAIN.CO
Server Name: krbtgt/MYDOMAIN.CO
Target Name: ldap/[email protected]
Error Text:
File:
Line: ab
Error Data is in record data

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp

----------------------------------------------------------------------------------------

Event Type: Erro
Event Source: Kerbero
Event Category: Non
Event ID:
Date: 11/26/200
Time: 9:34:03 A
User: N/
Computer: LUN
Description
A Kerberos Error Message was received
on logon session
Client Time:
Server Time: 14:34:3.0000 11/26/2003
Error Code: 0x7 KDC_ERR_S_PRINCIPAL_UNKNOW
Extended Error:
Client Realm:
Client Name:
Server Realm: MYDOMAIN.CO
Server Name: krbtgt/MYDOMAIN.CO
Target Name: ldap/[email protected]
Error Text:
File:
Line: ab
Error Data is in record data

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp
 
G

Guest

I just read my postand realised my situation isn't EXACTLY the same, but still very similar. I am not in a clustered environment, but I am running MSMQ on the 2003 member server, because I plan to install MS CRM soon. The reason this came about is because I am preparing to install our copy of Exchange 2003, and from what I hear, this Kerberos problem can cause a security fault in Outlook Web Access, which we currently use moderately.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Kerberos Error Question 3
kerberos errors 1
Kerberos Error Message 6
Event ID 594 1
KDC_ERR_S_PRINCIPAL_UNKNOWN 1
Kerberos Error 594 1
Kerberos' role in a 'std. setup' without bells & whistles 8
Kerberos Error 1

Top