Windows 2003 r2 Kerbero logs on server
hi,
i'm getting lot of kerbero errors on 1 of servers. have search errors online see causing i couldn't see anything.
0x34 - krb_err_response_too_big = response big udp, retry tcp.
0xd kdc_err_badoption = kdc cannot accommodate requested option.
windows 2003 r2 32 bites.
please find my mps reporting tool logs
https://skydrive.live.com/redir?resid=b9b74f2b701a14dd!118
1st error
event type: error
event source: kerberos
event category: none
event id: 3
date: 25/06/2012
time: 11:42:45
user: n/a
computer: my_server
description:
kerberos error message received:
on logon session
client time:
server time: 10:42:35.0000 6/25/2012 z
error code: 0xd kdc_err_badoption
extended error: 0xc00000bb klin(0)
client realm:
client name:
server realm: domain.com
server name: host/my_server.domain.com
target name: host/my_server.domain.com@domain.com
error text:
file: 9
line: b22
error data in record data.
more information, see , support center @ http://go.microsoft.com/fwlink/events.asp.
data:
0000: 30 15 a1 03 02 01 03 a2 0.¡....¢
0008: 0e 04 0c bb 00 00 c0 00 ...»..À.
0010: 00 00 00 03 00 00 00 .......
2nd error
event type: error
event source: kerberos
event category: none
event id: 3
date: 25/06/2012
time: 11:39:08
user: n/a
computer: my_domain
description:
kerberos error message received:
on logon session
client time:
server time: 10:38:47.0000 6/25/2012 z
error code: 0x7 kdc_err_s_principal_unknown
extended error:
client realm:
client name:
server realm: domain.com
server name: our_dc.domain.com
target name: our_dc.domain.com@domain.com
error text:
file: 9
line: b22
error data in record data.
more information, see , support center @ http://go.microsoft.com/fwlink/events.asp.
3rd error
event type: error
event source: kerberos
event category: none
event id: 3
date: 25/06/2012
time: 11:39:07
user: n/a
computer: my_domain
description:
kerberos error message received:
on logon session domain\user_id
client time:
server time: 10:38:46.0000 6/25/2012 z
error code: 0x34 krb_err_response_too_big
extended error:
client realm:
client name:
server realm: domain
server name: krbtgt/domain
target name: krbtgt/domain@domain
error text:
file: e
line: 6c0
error data in record data.
more information, see , support center @ http://go.microsoft.com/fwlink/events.asp.
try this.
suggest you can change maxpacketsize 1 force the computer use kerberos traffic over tcp instead of udp. this, follow these steps:
- start registry editor.
- locate , click following registry subkey: note if the parameters key not exist, create now.<samp>hkey_local_machine\system\currentcontrolset\control\lsa\ kerberos\parameters</samp>
- on the edit menu, point to new, , click dword value.
- type maxpacketsize, , press enter.
- double-click maxpacketsize, type 1 in the value data box, click select the decimal option, , click ok.
- quit registry editor.
- restart computer.
more information please refer following article:
how force kerberos use tcp instead of udp in windows: http://support.microsoft.com/kb/244474
check this
http://social.technet.microsoft.com/forums/en-us/winserverds/thread/78f1026a-7531-4228-b00a-4a334810b539/
still nothing.
hi.
on server using regedit modified registry key (1) default value of (0)
hkey_local_machine\system\currentcontrolset\control\lsa\kerberos\parameters
entry: loglevel
type: reg_dword
default value: 0
kdc_err_s_principal_unknown 0x7 server not found in kerberos database
http://www.ietf.org/rfc/rfc4120.txt kerberos protocol registry entries , kdc configuration keys in windows server 2003
http://support.microsoft.com/kb/837361/en-us
in addition, whether account using third party programs when error occurs?
regards,
yan li
yan li
technet community support
Windows Server > Security
Comments
Post a Comment