Event ID 4 Source Kerberos
Posted on 2008-10-08
A Vista PC on a SBS2003 domain has started to cause a major problem. It started with Vista not being able to browse the shared resources of a WinXP PC on the same domain (after many months of everything working fine). The shared printer attached to the WinXP PC became inaccessible to the Vista PC. At the same time I started to notice Event ID 4 Source Kerberos errors appear in both the SBS2003 and the Vista event logs - error as follows:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server [vistaPC]$. The target name used was cifs/WinxpPC.domain.local. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named machine accounts in the target realm (DOMAIN.LOCAL), and the client realm. Please contact your system administrator.
Something very strange now occurs. When I ping the winxpPC by name from the vistaPC, it resolves to the IP address of itself. (i.e. the vistaPC ip is 192.168.16.21, the winxpPC ip is 192.168.16.22. When I ping winxpPC from vistaPC it resolves to 192.168.16.21).