The kerberos client received a KRB_AP_ERR_MODIFIED error

Greetings,

I had a situation where a win 2003 server was off line for 3 weeks. It was one of two domain controllers.

When i put it back in service I started receiving  the error below on the other dc referring to the first one mentioned:

The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/servername.domainname.com.  The target name used was . This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named  machine accounts in the target realm (domainname.com), and the client realm.   Please contact your system administrator.

This question looks to be the same or similar:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23498342.html?sfQueryTermInfo=1+10+30+ap+err+krb+modifi

The solution there was to demote the server and the promote it again to dc.

Is that the smartest course of action or is there a better way to resolve this?

Also what problem is this causing?  This question seems to imply that it isn't causing any problem and instead the error should just be supressed.  Or perhaps I am reading it wrong.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23077067.html?sfQueryTermInfo=1+10+30+ap+err+krb+modifi

Thanks for any advice.

Best regards,

Sky
Schuyler KuhlAsked:
Who is Participating?
 
khairilCommented:
Hi,

Try check the server clock, is it match other DC clock?
0
 
Schuyler KuhlAuthor Commented:
Thank you very much.

The clocks match.  

Thank you . I am reviewing those documents.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.