Solved

Kerberos error

Posted on 2009-07-09
3
582 Views
Last Modified: 2012-05-07
Hi all,

I am running a DC on Windows 2003 and my System Event Viewer is full of Kerberos error .... it doesn't seem to affect anything but I want to make sure these eror won't lead to anything else.

Event Type:      Error
Event Source:      Kerberos
Event Category:      None
Event ID:      3
Date:            7/9/2009
Time:            1:12:13 AM
User:            N/A
Computer:      NMMC-DC
Description:
A Kerberos Error Message was received:
         on logon session
 Client Time:
 Server Time: 5:12:13.0000 7/9/2009 Z
 Error Code: 0xd KDC_ERR_BADOPTION
 Extended Error: 0xc00000bb KLIN(0)
 Client Realm:
 Client Name:
 Server Realm: NMMC-NET.LOCAL
 Server Name: host/nmmc-dc.nmmc-net.local
 Target Name: host/nmmc-dc.nmmc-net.local@NMMC-NET.LOCAL
 Error Text:
 File: 9
 Line: ae0
 Error Data is in record data.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 30 15 a1 03 02 01 03 a2   0.¡....¢
0008: 0e 04 0c bb 00 00 c0 00   ...»..À.
0010: 00 00 00 03 00 00 00      .......


Also I setup another DC for redundancy and made it a glaobal catalog and all but I can't seem to connect to it when the main DC is down. I don't know if this could be related.
0
Comment
Question by:nmmcfk
3 Comments
 
LVL 26

Accepted Solution

by:
Pber earned 250 total points
ID: 24812984
See this regarding the Kerberos errors:
http://mailman.mit.edu/pipermail/kerberos/2005-February/007231.html

http://technet2.microsoft.com/windowsserver/en/library/b36b8071-3cc5-46fa-be13-280aa43f2fd21033.mspx?mfr=true 

Running kerbtray and purging the tickets has worked for me in the past.

kerbtray is part of these tools:
http://www.microsoft.com/downloads/details.aspx?FamilyID=9D467A69-57FF-4AE7-96EE-B18C4790CFFD&displaylang=en

As far as your 2nd DC not picking up,   It may be the clients need to point to the 2nd DC for DNS (it is desired to have your your DCs as AD integrated DNS servers.  See this:
http://www.pberblog.com/post/2009/06/09/DC-failed-second-DC-not-authenticating-users.aspx 
 
0
 

Author Comment

by:nmmcfk
ID: 24860983
OK I will see what I can do with that .... thanks for the info and i will kep you guys posted.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Possible to automate stopping of services on any server shutdown/reboot? 17 46
Server Login Issue 4 59
ADMT Intra Forest migration questions 7 215
Computer software inventory 5 108
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question