Solved

kerberos errors windows xp but not on windows 2003 or windows 7

Posted on 2011-09-20
14
586 Views
Last Modified: 2012-05-12
Hi,
We have an application that runs on a server and you manage it from an app on your desktop.  Last Thursday turned on Native Mode in our Windows 2008 R2 domain and on the following Tuesday a user could not log into the app.  We reboot the server and than no one could.  We tested installing the sofware on a Windows 2003 server and Windows 7 and it worked, but if we install on a XP box it does not.

On the client the error message is "Lost connection with host machine - Source object cannot be converted to the destination type since it does not support all the required interfaces"

On the app server the error is Event ID 4625.

Thanks.
0
Comment
Question by:alacount
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 6
14 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36569717
Could be the software is running NTLM.
0
 

Author Comment

by:alacount
ID: 36569768
Why does it work on Windows 7 and Windows 2003?  It only XP that seems to have the issue and it was working for months.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36569776
What software? This could be a software issue not a Windows issue
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 

Author Comment

by:alacount
ID: 36569823
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36569838
Points to that all OS is supported

http://www.solimarsystems.com/SPDE_Overview.php

Have you contacted the software company for support? Do you have an older version?
0
 

Author Comment

by:alacount
ID: 36573602
I'm working with the vendor but we are not making progress.  Are there any differences is how kerberos works between XP and Windows 2003 or Windows 7?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36573639
Windows 2003 and XP use the same version so there should be no difference here.

Try this

http://support.microsoft.com/kb/244474
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36573642
0
 

Author Comment

by:alacount
ID: 36582226
If I do a packet capture we see the follow Kerberos errors where it is using the "Service Account" for the server name.

Kerberos request from my_pc:
KDC_REQ_BODY
Realm: Domain.COM
Server Name (NT 4.0 style name (MS specific)): ServerX

Kerberos response from DomainController:
MSG Type: KRB-ERROR (30)
error_code: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (7)
Server Name (NT 4.0 style name (MS specific)): ServerX
[CONNECTION RESET]
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36582523
Using NTLM. Reset the computer account
0
 

Author Comment

by:alacount
ID: 36600453
Are you talking about a password reset?  We renamed the old your account and created a new one with the same name and still had the same issue.
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 36600902
Reset the computer account not the password.
0
 

Author Comment

by:alacount
ID: 36601288
Anything I need to be concerned about when doing this?  Do I need to re-add it to the domain?
Thanks for all your help.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36601296
Yes you will need to re-add back to the domain
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article summaries thoughts and ideas from two years of sustained use. It provides good reasoning to make the jump to Windows 10.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question