Re: 0x7 (KRB_ERR_S_PRINCIPAL_UNKNOWN) "Server not found in Kerberos database"

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Hello Oli,

Do you have additonal entrys in the event viewer like 673 and 677? http://support.microsoft.com/kb/824905/en-us

Do you have enabled Kerberos event logging? http://support.microsoft.com/kb/262177/en-us

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Hello Meinolf,

My apologies.. please find the copied event log

Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 3
Date: 03/02/2008
Time: 16:31:12
User: N/A
Computer: V-WS-SQL1
Description:
A Kerberos Error Message was received:
on logon session
Client Time:
Server Time: 16:31:10.0000 2/3/2008 Z
Error Code: 0x7 KDC_ERR_S_PRINCIPAL_UNKNOWN
Extended Error:
Client Realm:
Client Name:
Server Realm: SH.COM
Server Name: V-SHAD3.sh.com
Target Name: V-SHAD3.sh.com@xxxxxx
Error Text:
File: 9
Line: ae0
Error Data is in record data.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 3
Date: 03/02/2008
Time: 16:55:05
User: N/A
Computer: V-WS-SQL1
Description:
A Kerberos Error Message was received:
on logon session
Client Time:
Server Time: 16:55:3.0000 2/3/2008 Z
Error Code: 0xd KDC_ERR_BADOPTION
Extended Error: 0xc00000bb KLIN(0)
Client Realm:
Client Name:
Server Realm: SH.COM
Server Name: host/v-ws-sql1.sh.com
Target Name: host/v-ws-sql1.sh.com@xxxxxx
Error Text:
File: 9
Line: ae0
Error Data is in record data.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 30 15 a1 03 02 01 03 a2 0.¡....¢
0008: 0e 04 0c bb 00 00 c0 00 ...»..À.
0010: 00 00 00 03 00 00 00 .......
I look forward to seeing your response

Kind regards

Oli

We have 5 domain controllers in 2 sites. 3 in our HQ and 2 in our DR
- All Windows 2003 Ent SP2.

This is the only server logging these types of Kerberos errors.
There are no reported errors in the event logs on our domain
controllers.

Kerberos logging in turned off on the SQL box. I am seeing the
logging of this entry a lot throughout the day. I have referenced
this doc from TechNet which states the Server is not found in the
Kerberos database. Where is this database and how can I check it's
integrity?

http://technet2.microsoft.com/windowsserver/en/library/b36b8071-3cc5
-4 6fa-be13-280aa43f2fd21033.mspx?mfr=true

I look forward to seeing you opinion

Thanks

Oli

"Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
news:ff16fb66836c98ca33c5088ab550@xxxxxxxxxxxxxxxxxxxxxxx

Hello Oli,

Please psot the complete entry from the event viewer and give some
info about the setup of your network. How many DC's, which
Operating system etc.?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Hi,

I am seeing this error message in event viewer and cannot get to
the bottom of this.

I've looked on the net but theres no resolution - can any one
help?

I have 2 errors -

0x7 (KRB_ERR_S_PRINCIPAL_UNKNOWN) "Server not found in Kerberos
database" 0xd (KDC_ERR_BADOPTION) "KDC cannot accommodate
requested option."

Which kinds of makes sense. If the server isn;t in kerberos Db
then it cannot accomdate the requested option.

How can I check the kerberos database to make sure the server in
question is
valid. And is the kerberos databse held on my domain controllers?
I'm a little lost!
Any help would be appreciated
Thanks
Oli


.

Relevant Pages

  • Re: 0x7 (KRB_ERR_S_PRINCIPAL_UNKNOWN) "Server not found in Kerberos database"
    ... If you press the button with the paper on the event itself, then you have the complete entry with the important number and source. ... A Kerberos Error Message was received: ... Server Realm: SH.COM ... This is the only server logging these types of Kerberos errors. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Cannot telnet some ports
    ... Some with remote administration feature I believe. ... POP3 Server 110 ... # Network services, Internet style ... kerberos 750/udp kdc # Kerberos udp ...
    (microsoft.public.windows.server.general)
  • Re: Cannot telnet some ports
    ... Some with remote administration feature I believe. ... >> From a Windows 2003 Server SP2 ... >> fromn the 2k3 serrver but can telnet into any other port. ... kerberos 750/udp kdc # Kerberos udp ...
    (microsoft.public.windows.server.general)
  • Re: Kerberos logon to Terminal Server prevents folder redirection
    ... Pass-through refers to the client browser passing through credentials to the Web Interface server; so you can still use Pass-through without enabling the option "Use Kerberos authentication to connect to servers". ...
    (microsoft.public.windows.server.security)
  • RE: Event ID 40960 and 40961
    ... Thank you for posting to Microsoft newsgroup. ... if a XP/2003 machine is pointed directly at a DNS server that doesn't ... support Kerberos, secure dynamic updates will generate 40960/40961 events. ... XP/2003 machine is pointed to a 2000/2003 DNS server, ...
    (microsoft.public.windows.server.migration)