• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1748
  • Last Modified:

event ID 4 security-kerberos what does this mean SBS 2011 network

Can anyone help me understand what this is saying?  Rob-PC exists now.  Joe-LPTP isn't on the network - joe's laptop maybe?  I searched Rob-PC's registry for joe but came up with nothing.  Both would be members of the domain, not servers themselves.

rob-pc doesn't have a mapping to a printer or share to joe-lptp either.

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server rob-pc$. The target name used was cifs/JOE-LPTP.contoso.local. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (contoso.LOCAL) is different from the client domain (contoso.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server
0
BeGentleWithMe-INeedHelp
Asked:
BeGentleWithMe-INeedHelp
  • 5
  • 2
3 Solutions
 
Cris HannaCommented:
Were the computers joined to the domain using the SBS wizard or the manual method?
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
There is a decent TechNet Blog Post written about how to find the source of these messages:

http://blogs.technet.com/b/dcaro/archive/2013/07/04/fixing-the-security-kerberos-4-error.aspx

Jeff
TechSoEasy
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
FYI, it's possible that the computer JOE-LPTP is running IIS Server or some other type of service which would cause this problem.  

This is why you don't generally want NON-Domain computers attached to your internal network.  If people bring their own devices, you can provide a separate subnet for those devices to operate on.  Most wireless access points offer some type of network segmentation to allow a "guest" network that only goes out to the Internet and doesn't interact with your company assets.

Jeff
TechSoEasy
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
I'm curious -- what ended up being the issue?

Jeff
TechSoEasy
0
 
BeGentleWithMe-INeedHelpAuthor Commented:
not sure... haven't gotten back to this
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Then why did you accept the answers?
0
 
BeGentleWithMe-INeedHelpAuthor Commented:
EE wanted me to close out the questions and I appreciate you guys taking the time to answer and help me.  I didn't think my feet dragging should hold things up or penalize your efforts. You gave me ideas so when I get back to it, I'll have a plan of attack.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
I think you misunderstand.  EE does not want you to close out a question by selecting every comment made.  

You may get a reminder to stay involved in a question -- all that takes is to post a comment after the last Expert comment so that the system knows you have seen the Expert's responses.

See this article for more info:
http://support.experts-exchange.com/customer/portal/articles/755968-what-if-my-question-doesn%E2%80%99t-get-an-answer-

Jeff
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now