exchange 2007 New machines added to domain cannot use outlook it keeps requesting authentication
windows 2003 sp2 exchange 2007 server
When I add a new machine to domain and install outlook we cannot login to outlook it keeps asking for username and password.
Old machines work fine.
Recent change was removing AD and DNS service from exchange server and putting in on a separate win2k3 server.
Only warning on Exchange server
source: MSExchange ADAcess
category: Validation
eventId: 2159
Process edgetransport.exe (Transport) (PID=4360). Configuration object CN=Interop RGC,CN=Connections,CN=Exch
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
On the workstation I see a error
Source: Kerberos Error
Category: none
EventID: 4
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/"our PDC". This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly this is due to identically named machine accounts in the target realm(dour Domain"), and the client realm.
However I can attach to shared folder on the exchange server with no problem. The only thing that does not work is outlook.
I can even acces Exchange via OWA on this machine.
Checked DNS no error.
All servers and workstations have DNS pointing to DNS/AD server.
When I add a new machine to domain and install outlook we cannot login to outlook it keeps asking for username and password.
Old machines work fine.
Recent change was removing AD and DNS service from exchange server and putting in on a separate win2k3 server.
Only warning on Exchange server
source: MSExchange ADAcess
category: Validation
eventId: 2159
Process edgetransport.exe (Transport) (PID=4360). Configuration object CN=Interop RGC,CN=Connections,CN=Exch
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
On the workstation I see a error
Source: Kerberos Error
Category: none
EventID: 4
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/"our PDC". This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly this is due to identically named machine accounts in the target realm(dour Domain"), and the client realm.
However I can attach to shared folder on the exchange server with no problem. The only thing that does not work is outlook.
I can even acces Exchange via OWA on this machine.
Checked DNS no error.
All servers and workstations have DNS pointing to DNS/AD server.
ASKER
Hello Akhater,
I did joing/disjoin many times with same name or other name still same error.
Are you sure creating new exchange server is the only solution?
I did joing/disjoin many times with same name or other name still same error.
Are you sure creating new exchange server is the only solution?
Both issues don't seem to be related. if you just log on the workstation machine without opening outlook can you see the error ?
ASKER
No the error shows up when the workstation open outlook and tries to connect to exchange server.
As I said before the workstation can use shared folders on the exchange server.
As I said before the workstation can use shared folders on the exchange server.
No I am not sure that only a new exchange server will solve this issue but I know that dcpromo out / in a server running exchange will break the latter and the following technet article confirms it
http://technet.microsoft.com/en-us/library/aa997060%28EXCHG.80%29.aspx
You can, of course, wait a longer on this forum for others' input or open a PSS ticket but that's what I would have done.
http://technet.microsoft.com/en-us/library/aa997060%28EXCHG.80%29.aspx
You can, of course, wait a longer on this forum for others' input or open a PSS ticket but that's what I would have done.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Did not get satisfactory solution. Still searching
Regarding your exchange dcpromo in/out a server running exchange is known to break exchange. I'd suggest you build a new one on a separate server and move everything to it then decomission the one you are using now.