I have one domain controller throwing a 594 Kerberos error at least once every 20 minutes, usually at 5 minutes intervals:
A Kerberos Error Message was received:
on logon session InitializeSecurityContext
Error Code: 16:28:20.0000 7/22/2008 (null) 0x7
Extended Error: KDC_ERR_S_PRINCIPAL_UNKNOWN
Server Realm: DOMAIN.LOCAL
Server Name: krbtgt/DOMAIN.LOCAL
Target Name: HOST/domain.local@DOMAIN.LOCAL
Error Data is in record data.
I've looked all over EE, eventID.net, and many newsgroups for a solution to this. The part that I'm not comprehending is why there is a HOST/domain.local@DOMAIN.LOCAL entry. Shouldn't it be a host name instead of the domain? I can find information on HOST/hostname@DOMAIN.LOCAL, but this one has me flummoxed. This error only sows up on one of my domain controllers. It's on one of the W2K Servers, so it's not an issue that occurred during an upgrade to 2K3.
Does anyone have an idea of where to look for this domain.local@DOMAIN.LOCAL entry? I thought perhaps this particular domain controller wanted to be the default DNS entry for the domain, so I made that happen. I tried to "setspn -a HOST/domain.local" on the machine and the entry shows up for about 10 minutes and then it goes away... Probably because it makes no sense. Much like this error.
Thanks in advance for your help.