• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 601
  • Last Modified:

kerberos errors windows xp but not on windows 2003 or windows 7

Hi,
We have an application that runs on a server and you manage it from an app on your desktop.  Last Thursday turned on Native Mode in our Windows 2008 R2 domain and on the following Tuesday a user could not log into the app.  We reboot the server and than no one could.  We tested installing the sofware on a Windows 2003 server and Windows 7 and it worked, but if we install on a XP box it does not.

On the client the error message is "Lost connection with host machine - Source object cannot be converted to the destination type since it does not support all the required interfaces"

On the app server the error is Event ID 4625.

Thanks.
0
alacount
Asked:
alacount
  • 8
  • 6
1 Solution
 
Darius GhassemCommented:
Could be the software is running NTLM.
0
 
alacountAuthor Commented:
Why does it work on Windows 7 and Windows 2003?  It only XP that seems to have the issue and it was working for months.
0
 
Darius GhassemCommented:
What software? This could be a software issue not a Windows issue
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
alacountAuthor Commented:
0
 
Darius GhassemCommented:
Points to that all OS is supported

http://www.solimarsystems.com/SPDE_Overview.php

Have you contacted the software company for support? Do you have an older version?
0
 
alacountAuthor Commented:
I'm working with the vendor but we are not making progress.  Are there any differences is how kerberos works between XP and Windows 2003 or Windows 7?
0
 
Darius GhassemCommented:
Windows 2003 and XP use the same version so there should be no difference here.

Try this

http://support.microsoft.com/kb/244474
0
 
Darius GhassemCommented:
0
 
alacountAuthor Commented:
If I do a packet capture we see the follow Kerberos errors where it is using the "Service Account" for the server name.

Kerberos request from my_pc:
KDC_REQ_BODY
Realm: Domain.COM
Server Name (NT 4.0 style name (MS specific)): ServerX

Kerberos response from DomainController:
MSG Type: KRB-ERROR (30)
error_code: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (7)
Server Name (NT 4.0 style name (MS specific)): ServerX
[CONNECTION RESET]
0
 
Darius GhassemCommented:
Using NTLM. Reset the computer account
0
 
alacountAuthor Commented:
Are you talking about a password reset?  We renamed the old your account and created a new one with the same name and still had the same issue.
0
 
Darius GhassemCommented:
Reset the computer account not the password.
0
 
alacountAuthor Commented:
Anything I need to be concerned about when doing this?  Do I need to re-add it to the domain?
Thanks for all your help.
0
 
Darius GhassemCommented:
Yes you will need to re-add back to the domain
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 8
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now