Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Event ID 27 and Source KDC

Status
Not open for further replies.

amanua

Technical User
Sep 26, 2005
147
US
The network consists of 1 windows server 2003 r2 and windows server 2008 standard edition domain controllers.
Recently, moved all the fsmo roles from the 2003 to the 2008 server. I plan of adding a new server 2008 domain controller so that I can get rid of the 2003 server due to hardware issue and support from Microsoft which will end 2015.
Of late, have been getting numerous Event ID 27 and source KDC errors on the windows server 2003 r2 which states: While processing a TGS request for the target server krbtgt/amanua.net, the account PC22$@amanua.net did not have a suitable key for generating a Kerberos ticket (The missing key has an ID of 8 )The requested etypes were 18. The accounts available etypes were 23 -133 -128 3 1.
Users and computers are being authenticated by any one of the servers and they can use the network resources but need to fix this problem.Any idea and if I go ahead and add the new server 2008 and configure it as a domain controller before decommissioning the server 2003 but do not fix those errors on the server 2003 what may be the issue.
 
Per research, noted that the error was by design in an environment of server 2003 and 2008 servers.
I added another 2008 server and promoted that to a domain controller and after making sure that all the 3 servers did replicate without errors, I demoted the server 2003 leaving only the 2 server 2008 domain controllers and that resolved the issue.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top