IT_Fanatic
asked on
Event ID 27 KDC Help
Any idea what this type of error is? Is it critical if not or if so how can I resolve it? I hate seeing this on my event logs
While processing a TGS request for the target server krbtgt/ABC.COM, the account HM4G1$@ABC.COM did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of 8). The requested etypes were 18. The accounts available etypes were 23 -133 -128 3 1.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
While processing a TGS request for the target server krbtgt/ABC.COM, the account HM4G1$@ABC.COM did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of 8). The requested etypes were 18. The accounts available etypes were 23 -133 -128 3 1.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Use klist command to troubleshoot: http://technet.microsoft.com/en-us/library/cc733974(WS.10).aspx
ASKER
I already saw this site. This site just tells you info on it but not how to fix it. It this error critical or ignorable?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok so I navigate to this path and put this value on the registry and thats it not reboot and event logs will no longer show those errors on my 2003 server? Also I how can i find out which domain controller to put this code on? I have 2 DC of windows server 2008.
Navigate to HKLM\System\CurrentControl Set\Contro l\LSA\Kerb eros\Param eters
Add the following registry value.
Value Name = DefaultEncryptionType
Type = Reg_DWORD
Value Data = 0x17(23)
Navigate to HKLM\System\CurrentControl
Add the following registry value.
Value Name = DefaultEncryptionType
Type = Reg_DWORD
Value Data = 0x17(23)
Add the key to both 2008 DC.
ASKER
Is this error ignorable or critical.
ASKER
Thanks for your help that worked.
ASKER
Sorry I had to reopen this but it infact did not work. It still appears on my win 2003 server
It is on my 2003R2 BDC servers as well. I tried the GPO solution set forth by Microsoft in KB977321, that seems to not help either. I haven't tried the HotFix yet as it doesn't seem to entirely fit my criteria.
Please let me know if you ever resolved this, and if so, what worked.
Please let me know if you ever resolved this, and if so, what worked.