Solved

kerberos errors windows xp but not on windows 2003 or windows 7

Posted on 2011-09-20
14
584 Views
Last Modified: 2012-05-12
Hi,
We have an application that runs on a server and you manage it from an app on your desktop.  Last Thursday turned on Native Mode in our Windows 2008 R2 domain and on the following Tuesday a user could not log into the app.  We reboot the server and than no one could.  We tested installing the sofware on a Windows 2003 server and Windows 7 and it worked, but if we install on a XP box it does not.

On the client the error message is "Lost connection with host machine - Source object cannot be converted to the destination type since it does not support all the required interfaces"

On the app server the error is Event ID 4625.

Thanks.
0
Comment
Question by:alacount
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 6
14 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36569717
Could be the software is running NTLM.
0
 

Author Comment

by:alacount
ID: 36569768
Why does it work on Windows 7 and Windows 2003?  It only XP that seems to have the issue and it was working for months.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36569776
What software? This could be a software issue not a Windows issue
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:alacount
ID: 36569823
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36569838
Points to that all OS is supported

http://www.solimarsystems.com/SPDE_Overview.php

Have you contacted the software company for support? Do you have an older version?
0
 

Author Comment

by:alacount
ID: 36573602
I'm working with the vendor but we are not making progress.  Are there any differences is how kerberos works between XP and Windows 2003 or Windows 7?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36573639
Windows 2003 and XP use the same version so there should be no difference here.

Try this

http://support.microsoft.com/kb/244474
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36573642
0
 

Author Comment

by:alacount
ID: 36582226
If I do a packet capture we see the follow Kerberos errors where it is using the "Service Account" for the server name.

Kerberos request from my_pc:
KDC_REQ_BODY
Realm: Domain.COM
Server Name (NT 4.0 style name (MS specific)): ServerX

Kerberos response from DomainController:
MSG Type: KRB-ERROR (30)
error_code: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (7)
Server Name (NT 4.0 style name (MS specific)): ServerX
[CONNECTION RESET]
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36582523
Using NTLM. Reset the computer account
0
 

Author Comment

by:alacount
ID: 36600453
Are you talking about a password reset?  We renamed the old your account and created a new one with the same name and still had the same issue.
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 36600902
Reset the computer account not the password.
0
 

Author Comment

by:alacount
ID: 36601288
Anything I need to be concerned about when doing this?  Do I need to re-add it to the domain?
Thanks for all your help.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36601296
Yes you will need to re-add back to the domain
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Determining the an SCCM package name from the Package ID
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question