Then it gave the same Kerberos error.Įdit: Just to add the content of /et/nf ĭefault_tgs_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 rc4-hmac des-cbc-crc des-cbc-md5ĭefault_tkt_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 rc4-hmac des-cbc-crc des-cbc-md5 I tried with a fresh Windows 10 installation in a VM and it worked until I applied the latest Windows Updates. There must be some setting on the working PC's which I need to apply to the others, but what could it be? I googled for hours this morning already without success. If the server name is not fully qualified and the target domain (DD.LAN) is different from the client domain (DD.LAN), check if there are server accounts with the same name in these two domains, or use the fully qualified name to identify the server to identify. Ensure that the service on the server and the KDC are both configured to use the same password. This error can also occur if the password for the target service account does not match the password that is configured in the Kerberos KDC (Key Distribution Center) for the target service. Make sure the target SPN is only registered with the account used by the server. This can occur when the target server principal name (SPN) is not registered with the account that the target service is using. This indicates that the target server was unable to decrypt the token provided by the client. The Kerberos client received a KRB_AP_ERR_MODIFIED error from server "dd-02a$". The Event log on the affected PC's give a Kerberos error (translated with Google Translate). The same user could login from another Windows10 PC. This morning users were not able to login from a some Windows 10 PC's. I have two Ubuntu 20.04 LTS servers which updated Samba to version 4.13.17 last night.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |