Event 677

[Guest]

Hello,

We are running a Windows 2000 Active Directory domain with three domain
controllers (two at corporate headquarters, one at a branch office about 200
miles away). We are getting some frequent messages on more than one domain
computer that all look similar like the following:

Service Ticket Request Failed:
User Name: COMPUTER_NAME
User Domain: DOMAIN_NAME.COM
Service Name: krbtgt/DOMAIN_NAME.COM
Ticket Options: 0x2
Failure Code: 0x20
Client Address: 123.123.123.123

Some machine report this event every once in a blue moon, while a couple
machines report this almost on an hourly basis. A quick search on the
Internet seems to suggest that this is not something of great concern. I was
wonder if we have any experts here who may be able to give me a second
opinion. Is this something I need to worry about? Are there anything I can
do to reduce the occurrence of this issue? Thanks!

Peter

 

[Guest]

This page seems to suggest that Event 677 isn't a grave concern:
http://www.eventid.net/docs/event677.asp

"The problem in this case is in the Kerberos ticket expiration.
It appears that Windows 2000 just keeps renewing tickets until
it fails because of expiration and then gets a new one. If this
is correct, then the 677 failure code 32 errors are "normal"
events that one cannot prevent without disabling the auditing
for Failure Audits."

So not sure if I can take that info for its worth.

Also, I am dabbing with Domain Security Policies-Kerberos Policy configs. I
changed the kerberos policy so that tickets never expire, and let the
settings like like for an entire afternoon. I continue to get the same 677
errors in the event log, so I changed it back to default value.

That's some of the progress I have found thus far. If any of you experts
here can offer me any tips it'd be very much appreciated! Thanks in advance.