Solved

The kerberos client received a KRB_AP_ERR_MODIFIED error

Posted on 2011-09-07
3
846 Views
Last Modified: 2012-08-08
Greetings,

I had a situation where a win 2003 server was off line for 3 weeks. It was one of two domain controllers.

When i put it back in service I started receiving  the error below on the other dc referring to the first one mentioned:

The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/servername.domainname.com.  The target name used was . This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named  machine accounts in the target realm (domainname.com), and the client realm.   Please contact your system administrator.

This question looks to be the same or similar:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23498342.html?sfQueryTermInfo=1+10+30+ap+err+krb+modifi

The solution there was to demote the server and the promote it again to dc.

Is that the smartest course of action or is there a better way to resolve this?

Also what problem is this causing?  This question seems to imply that it isn't causing any problem and instead the error should just be supressed.  Or perhaps I am reading it wrong.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23077067.html?sfQueryTermInfo=1+10+30+ap+err+krb+modifi

Thanks for any advice.

Best regards,

Sky
0
Comment
Question by:Schuyler Kuhl
3 Comments
 
LVL 10

Accepted Solution

by:
abhijitwaikar earned 500 total points
ID: 36498215
0
 
LVL 13

Expert Comment

by:khairil
ID: 36498504
Hi,

Try check the server clock, is it match other DC clock?
0
 

Author Comment

by:Schuyler Kuhl
ID: 36501917
Thank you very much.

The clocks match.  

Thank you . I am reviewing those documents.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question