Avatar of schesis1
Flag for United States of America

asked on 

594 Kerberos error 0x7 for HOST/domain.local@DOMAIN.LOCAL

I have one domain controller throwing a 594 Kerberos error at least once every 20 minutes, usually at 5 minutes intervals:

A Kerberos Error Message was received:
         on logon session InitializeSecurityContext
 Client Time:
 Server Time:
 Error Code: 16:28:20.0000 7/22/2008 (null) 0x7
 Client Realm:
 Client Name:
 Server Realm: DOMAIN.LOCAL
 Server Name: krbtgt/DOMAIN.LOCAL
 Target Name: HOST/domain.local@DOMAIN.LOCAL
 Error Text:
 Error Data is in record data.

I've looked all over EE, eventID.net, and many newsgroups for a solution to this.  The part that I'm not comprehending is why there is a HOST/domain.local@DOMAIN.LOCAL entry.  Shouldn't it be a host name instead of the domain?  I can find information on HOST/hostname@DOMAIN.LOCAL, but this one has me flummoxed.  This error only sows up on one of my domain controllers.  It's on one of the W2K Servers, so it's not an issue that occurred during an upgrade to 2K3.

Does anyone have an idea of where to look for this domain.local@DOMAIN.LOCAL entry?  I thought perhaps this particular domain controller wanted to be the default DNS entry for the domain, so I made that happen.  I tried to "setspn -a HOST/domain.local" on the machine and the entry shows up for about 10 minutes and then it goes away... Probably because it makes no sense.  Much like this error.

Thanks in advance for your help.
Microsoft Server OS

Avatar of undefined
Last Comment

8/22/2022 - Mon