Avatar of compdigit44

asked on 

Kerberos PAC Errors

We have a Windows 2016 RODC running server core in our DMZ. That is restricted via our firewall on which DC's internally it can communicate with. Sporadically we i.e once every other week get the following error message on one of the internal DC's the RODC can talk to. "During TGS processing, the KDC was unable to verify the signature on the PAC from RODCNA1$. This indicates the PAC was modified." Search online seems to point out this is normal but my problem is if this is normal they why is is an error
Windows Server 2016Active Directory

Avatar of undefined
Last Comment

8/22/2022 - Mon