<div>
<div class="content wysiwyg-content">
I'm getting the following error in my system log of my exchange server once every 1hr:<br />
<br />
<br />
<i>The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/DC02.domain.org. &nbsp;The target name used was ldap/DC01.domain.org. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named &nbsp;machine accounts in the target realm (DOMAIN.ORG), and the client realm. &nbsp; Please contact your system administrator.</i><br />
<br />
I don't see any DNS errors on either server (both 2003 Enterprise R2), there are no duplicate names. &nbsp;DC01 is also a DNS, File, and Print server any help would be appreciated. &nbsp;I plan on removing DC01 as a DC, and DNS server and leaving it as just a file and print server. &nbsp;I've added a 2008 Enterprise R2 as a DC, DNS, DHCP server that I've already transfered the FSMO roles too (error was in the logs prior to the addition of the server). &nbsp;It's a single domain environment also, if any other info is needed to help please let me know!!!
</div>
</div>


I'm getting the following error in my system log of my exchange server once every 1hr:


The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/DC02.domain.org.  The target name used was ldap/DC01.domain.org. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named  machine accounts in the target realm (DOMAIN.ORG), and the client realm.   Please contact your system administrator.

I don't see any DNS errors on either server (both 2003 Enterprise R2), there are no duplicate names.  DC01 is also a DNS, File, and Print server any help would be appreciated.  I plan on removing DC01 as a DC, and DNS server and leaving it as just a file and print server.  I've added a 2008 Enterprise R2 as a DC, DNS, DHCP server that I've already transfered the FSMO roles too (error was in the logs prior to the addition of the server).  It's a single domain environment also, if any other info is needed to help please let me know!!!

Event Log Kerberos KRB_AP_ERR_MODIFIED

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.