Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Event Log Kerberos KRB_AP_ERR_MODIFIED

Posted on 2012-03-14
2
Medium Priority
?
802 Views
Last Modified: 2012-04-04
I'm getting the following error in my system log of my exchange server once every 1hr:


The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/DC02.domain.org.  The target name used was ldap/DC01.domain.org. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named  machine accounts in the target realm (DOMAIN.ORG), and the client realm.   Please contact your system administrator.

I don't see any DNS errors on either server (both 2003 Enterprise R2), there are no duplicate names.  DC01 is also a DNS, File, and Print server any help would be appreciated.  I plan on removing DC01 as a DC, and DNS server and leaving it as just a file and print server.  I've added a 2008 Enterprise R2 as a DC, DNS, DHCP server that I've already transfered the FSMO roles too (error was in the logs prior to the addition of the server).  It's a single domain environment also, if any other info is needed to help please let me know!!!
0
Comment
Question by:nbccit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 

Accepted Solution

by:
nbccit earned 0 total points
ID: 37805835
Problem solved, it turns out someone on my team modified the host file of the Exchange Server that had a bad ip address.

Thanks,
Ronnie
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Want to know how to use Exchange Server Eseutil command? Go through this article as it gives you the know-how.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question