Windows XP SP3 AND kerberos event ID4 when access Intranet application
Posted on 2009-07-03
Here's the situtation - we have a web application running on a Server 2003 SP2 that client PCs connect to (Windows XP SP2 and 3). After a while (this can be several hours or just a couple) the user goes to input a new record in the app but they get prompted with a Windows Authentication box - after which they get kicked out of the app (Server unavailable or cannot display the page type of error). If they close IE and then go back in - all is fine. Corresponding with the Windows Authentication box is the Kerberos event ID4 error:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/websvr.domain.com. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named machine accounts in the target realm (domain.COM), and the client realm. Please contact your system administrator.
Its not an issue with duplicate client PC names on the network as its been happening on 4 different PCs for SURE (probably much more that I just haven't heard about it) - but 1 of them had been rebuilt recently so I disjoined it from the domain, deleted the name out of AD, DNS, WINS and then rejoined it with a DIFFERENT name and still the same issue.
The event log on the web server doesn't seem to show any corresponding error when the XP machines log the Kerberos event ID 4. Does anyone have any ideas as to how I can troubleshoot this?