Solved

After Migration to Windows 2008 R2

Posted on 2011-09-29
4
480 Views
Last Modified: 2012-05-12
My environment: 1 2008 R2 DC and 2 2003 DCs

After adding the Windows 2008 R2 Server, I started receiving in  my  2003 DCs, system Event Log

Event ID
Source KDC, ID 27
Talking about TGS and Kerberos

In the 2008 DC I do not receive this error

Any idea ?
0
Comment
Question by:gadsad
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 6

Expert Comment

by:Reubenwelsh
ID: 36890079
Hi,

Check this out, it could be a log that you get if DES for Kerberos is disabled:

http://support.microsoft.com/kb/977321
0
 
LVL 10

Expert Comment

by:ienaxxx
ID: 36890081
Did you execute the ADREP /FORESTPREP and ADPREP /DOMAINPREP on your 2003 DC Schema master role owner, before promoting the new 2008 DC?

0
 
LVL 1

Accepted Solution

by:
archmuk earned 500 total points
ID: 36890207
This happens when a new Windows Server 2008 joins a Windows 2003 domain.
 
Actually, the Windows Server 2008 member server is sending a TGS request using  the encryption
type of 18 (AES). Windows Server 2003 does not support this  encryption type for Kerberos.
The Event ID 27  error that is being logged on the Windows Server 2003 domain
controller can  safely be ignored as it is by design.
The domain controller is just informing the client what encryption types it supports. The Windows Server  2008 servers are then falling back to one of the supported encryption types.
Some additional info is available at
http://technet.microsoft.com/en-us/library/cc733974(WS.10).aspx
0
 

Author Closing Comment

by:gadsad
ID: 36905525
thznk you
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question