Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

After Migration to Windows 2008 R2

Posted on 2011-09-29
4
Medium Priority
?
485 Views
Last Modified: 2012-05-12
My environment: 1 2008 R2 DC and 2 2003 DCs

After adding the Windows 2008 R2 Server, I started receiving in  my  2003 DCs, system Event Log

Event ID
Source KDC, ID 27
Talking about TGS and Kerberos

In the 2008 DC I do not receive this error

Any idea ?
0
Comment
Question by:gadsad
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 6

Expert Comment

by:Reubenwelsh
ID: 36890079
Hi,

Check this out, it could be a log that you get if DES for Kerberos is disabled:

http://support.microsoft.com/kb/977321
0
 
LVL 10

Expert Comment

by:ienaxxx
ID: 36890081
Did you execute the ADREP /FORESTPREP and ADPREP /DOMAINPREP on your 2003 DC Schema master role owner, before promoting the new 2008 DC?

0
 
LVL 1

Accepted Solution

by:
archmuk earned 2000 total points
ID: 36890207
This happens when a new Windows Server 2008 joins a Windows 2003 domain.
 
Actually, the Windows Server 2008 member server is sending a TGS request using  the encryption
type of 18 (AES). Windows Server 2003 does not support this  encryption type for Kerberos.
The Event ID 27  error that is being logged on the Windows Server 2003 domain
controller can  safely be ignored as it is by design.
The domain controller is just informing the client what encryption types it supports. The Windows Server  2008 servers are then falling back to one of the supported encryption types.
Some additional info is available at
http://technet.microsoft.com/en-us/library/cc733974(WS.10).aspx
0
 

Author Closing Comment

by:gadsad
ID: 36905525
thznk you
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question