We have recently implemented Server 2003 at our location. We have two servers running 2003, and one running NT4 that we have set up with an external trust. We get the following errors on both 2003 machines, pointing at each other, with the server names reversed. I have removed the actual domain and machine names:
Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 4
Date: 7/12/2004
Time: 3:04:18 PM
User: N/A
Computer: SERVER1
Description:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/server2.subdomain.domain.com. The target name used was \SERVER2$. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named machine accounts in the target realm (SUBDOMAIN.DOMAIN.COM), and the client realm. Please contact your system administrator.
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 7/11/2004
Time: 7:15:14 PM
User: N/A
Computer: SERVER1
Description:
The File Replication Service is having trouble enabling replication from SERVER2 to SERVER1 for c:\windows\sysvol\domain using the DNS name server2.SUBDOMAIN.DOMAIN.com. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name nt99.madtel.madisontelco.com from this computer.
[2] FRS is not running on nt99.madtel.madisontelco.com.
[3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.
Some more info:
We can ping the FQDN from either servers command prompt.
FRS is running as a service on both domain controllers.
These servers are both configured as domain controllers.
I can open the event log from server1 console on server2 and vice versa. I have also tried most of the fixes around replication found on this site or the Microsoft KB.
Any help would be greatly appreciated.
Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 4
Date: 7/12/2004
Time: 3:04:18 PM
User: N/A
Computer: SERVER1
Description:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/server2.subdomain.domain.com. The target name used was \SERVER2$. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named machine accounts in the target realm (SUBDOMAIN.DOMAIN.COM), and the client realm. Please contact your system administrator.
Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 7/11/2004
Time: 7:15:14 PM
User: N/A
Computer: SERVER1
Description:
The File Replication Service is having trouble enabling replication from SERVER2 to SERVER1 for c:\windows\sysvol\domain using the DNS name server2.SUBDOMAIN.DOMAIN.com. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name nt99.madtel.madisontelco.com from this computer.
[2] FRS is not running on nt99.madtel.madisontelco.com.
[3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.
This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.
Some more info:
We can ping the FQDN from either servers command prompt.
FRS is running as a service on both domain controllers.
These servers are both configured as domain controllers.
I can open the event log from server1 console on server2 and vice versa. I have also tried most of the fixes around replication found on this site or the Microsoft KB.
Any help would be greatly appreciated.