G
Guest
I am running a SBS2k machine, I had noticed that recently there were a lot of
failure audits in the Security section of the event viewer. I wanted to get
to the bottom of them and see why this was happening, I found that a lot of
the failed logs had krbtgt.
I used MS article 262177 to enable Kerberos logging, I found that I would
get errors in event viewer in the System log. Source: Kerberos EventId: 594
I tried to locate information on this error but failed to find anything that
would assist in repairing the problem. I found out that the error I was
getting was:
"0x7 (KRB_ERR_S_PRINCIPAL_UNKNOWN) "Server not found in Kerberos database"
The KDC could not translate the server principal name from the KDC request
into an account in the Active Directory. Generally, verifying whether the
server account exists and has propagated to the domain controller that
generated the error. Checking Active Directory replication may provides an
indication of why the error occurred. Also if the server is not at least
Windows 2000, there will not be any service principal names registered
because that server is not capable of authenticating with Kerberos. In this
case, this error can be ignored because the client will then switch to NTLM
for authentication."
As per MS article 230476
The error I am getting to be exact on the event viewer is:
"A Kerberos Error Message was received:
on logon session InitializeSecurityContext
Client Time:
Server Time:
Error Code: 17:47:1.0000 11/10/2005 (null) 0x7
Extended Error: KDC_ERR_S_PRINCIPAL_UNKNOWN
Client Realm:
Client Name:
Server Realm: INTERNAL_DOMAIN
Server Name: krbtgt/INTERNAL_DOMAIN
Target Name: DNS/prisoner.iana.org@INTERNAL_DOMAIN
Error Text:
File:
Line:
Error Data is in record data. "
There don't seem to be any helpful pieces of information on the internet
which would seem to relate to this issue, can anyone that has had this
problem or is familar with the solution please post.
Thank you.
failure audits in the Security section of the event viewer. I wanted to get
to the bottom of them and see why this was happening, I found that a lot of
the failed logs had krbtgt.
I used MS article 262177 to enable Kerberos logging, I found that I would
get errors in event viewer in the System log. Source: Kerberos EventId: 594
I tried to locate information on this error but failed to find anything that
would assist in repairing the problem. I found out that the error I was
getting was:
"0x7 (KRB_ERR_S_PRINCIPAL_UNKNOWN) "Server not found in Kerberos database"
The KDC could not translate the server principal name from the KDC request
into an account in the Active Directory. Generally, verifying whether the
server account exists and has propagated to the domain controller that
generated the error. Checking Active Directory replication may provides an
indication of why the error occurred. Also if the server is not at least
Windows 2000, there will not be any service principal names registered
because that server is not capable of authenticating with Kerberos. In this
case, this error can be ignored because the client will then switch to NTLM
for authentication."
As per MS article 230476
The error I am getting to be exact on the event viewer is:
"A Kerberos Error Message was received:
on logon session InitializeSecurityContext
Client Time:
Server Time:
Error Code: 17:47:1.0000 11/10/2005 (null) 0x7
Extended Error: KDC_ERR_S_PRINCIPAL_UNKNOWN
Client Realm:
Client Name:
Server Realm: INTERNAL_DOMAIN
Server Name: krbtgt/INTERNAL_DOMAIN
Target Name: DNS/prisoner.iana.org@INTERNAL_DOMAIN
Error Text:
File:
Line:
Error Data is in record data. "
There don't seem to be any helpful pieces of information on the internet
which would seem to relate to this issue, can anyone that has had this
problem or is familar with the solution please post.
Thank you.