Solved

After Migration to Windows 2008 R2

Posted on 2011-09-29
4
476 Views
Last Modified: 2012-05-12
My environment: 1 2008 R2 DC and 2 2003 DCs

After adding the Windows 2008 R2 Server, I started receiving in  my  2003 DCs, system Event Log

Event ID
Source KDC, ID 27
Talking about TGS and Kerberos

In the 2008 DC I do not receive this error

Any idea ?
0
Comment
Question by:gadsad
4 Comments
 
LVL 6

Expert Comment

by:Reubenwelsh
ID: 36890079
Hi,

Check this out, it could be a log that you get if DES for Kerberos is disabled:

http://support.microsoft.com/kb/977321
0
 
LVL 10

Expert Comment

by:ienaxxx
ID: 36890081
Did you execute the ADREP /FORESTPREP and ADPREP /DOMAINPREP on your 2003 DC Schema master role owner, before promoting the new 2008 DC?

0
 
LVL 1

Accepted Solution

by:
archmuk earned 500 total points
ID: 36890207
This happens when a new Windows Server 2008 joins a Windows 2003 domain.
 
Actually, the Windows Server 2008 member server is sending a TGS request using  the encryption
type of 18 (AES). Windows Server 2003 does not support this  encryption type for Kerberos.
The Event ID 27  error that is being logged on the Windows Server 2003 domain
controller can  safely be ignored as it is by design.
The domain controller is just informing the client what encryption types it supports. The Windows Server  2008 servers are then falling back to one of the supported encryption types.
Some additional info is available at
http://technet.microsoft.com/en-us/library/cc733974(WS.10).aspx
0
 

Author Closing Comment

by:gadsad
ID: 36905525
thznk you
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
File Server Migration from 2003 to 2008R2 3 60
Can’t delete a file 14 135
VMware Black Screen 13 80
Undo a Print Server Setup 5 70
If you migrate a Terminal Server licenses server inside the 2008 server family, you can takte advantage of the build-in migration tool. If you like to migrate an older 2003 Server (and the installed client CALs) to a 2008 R2 server for example, you …
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now