ipsbend
asked on
Kerberos Error Event ID 5
We are a SBS2003 SP2/Exchange 03 w/ XP clients environment. We are receiving the Event ID 5 error on our server for some of the clients in our network:
Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 5
Date: 01/28/2008
Time: 8:04:21 AM
User: N/A
Computer: Server
Description:
The kerberos client received a KRB_AP_ERR_TKT_NYV error from the server desktop05$. This indicates that the ticket used against that server is not yet valid (in relationship to that server time). Contact your system administrator to make sure the client and server times are in sync, and that the KDC in realm domain.LOCAL is in sync with the KDC in the client realm.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
In addition, all of our clients are getting the Event ID 29:
Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 29
Date: 1/27/2008
Time: 10:49:41 AM
User: N/A
Computer: desktop20
Description:
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 959 minutes. NtpClient has no source of accurate time.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
I'm thinking it's a time service problem. The Windows time service is started on the server. I've tried using the "net time" command on the clients but it didn't work.
Can anyone help?
Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 5
Date: 01/28/2008
Time: 8:04:21 AM
User: N/A
Computer: Server
Description:
The kerberos client received a KRB_AP_ERR_TKT_NYV error from the server desktop05$. This indicates that the ticket used against that server is not yet valid (in relationship to that server time). Contact your system administrator to make sure the client and server times are in sync, and that the KDC in realm domain.LOCAL is in sync with the KDC in the client realm.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
In addition, all of our clients are getting the Event ID 29:
Event Type: Error
Event Source: W32Time
Event Category: None
Event ID: 29
Date: 1/27/2008
Time: 10:49:41 AM
User: N/A
Computer: desktop20
Description:
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 959 minutes. NtpClient has no source of accurate time.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
I'm thinking it's a time service problem. The Windows time service is started on the server. I've tried using the "net time" command on the clients but it didn't work.
Can anyone help?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The advantage of pool.ntp.org is that you are using a cluster of over 500 servers (if in North America -- over 900 in Europe, etc.) so you never have a problem getting a connection.
You can read more about it here: http://www.pool.ntp.org
Since I've switched the servers I manage to using these I never have a problem at all with W32Time.
Jeff
TechSoEasy
You can read more about it here: http://www.pool.ntp.org
Since I've switched the servers I manage to using these I never have a problem at all with W32Time.
Jeff
TechSoEasy
ASKER
One thing I will add to this: We had a GPO on the server that was overriding some of this configuration. Removing the settings from the GPO allowed this solution to work.
ASKER
Thx!