Hi, I'm getting lot of Kerbero errors on one of the servers. I have search for errors online to see what is causing but i couldn't see anything. 0x7 KDC_ERR_S_PRINCIPAL_UNKNOWN = Server not found in Kerberos database. 0x34 - KRB_ERR_RESPONSE_TOO_BIG = Response too big for UDP, retry with TCP. 0xd KDC_ERR_BADOPTION = KDC cannot accommodate requested option. Windows 2003 R2 32 bites. Please find my MPS Reporting Tool logs https://skydrive.live.com/redir?resid=B9B74F2B701A14DD!118 1ST Error Event Type: Error Event Source: Kerberos Event Category: None Event ID: 3 Date: 25/06/2012 Time: 11:42:45 User: N/A Computer: MY_SERVER Description: A Kerberos Error Message was received: on logon session Client Time: Server Time: 10:42:35.0000 6/25/2012 Z Error Code: 0xd KDC_ERR_BADOPTION Extended Error: 0xc00000bb KLIN(0) Client Realm: Client Name: Server Realm: DOMAIN.COM Server Name: host/my_server.domain.com Target Name: host/my_server.domain.com@DOMAIN.COM Error Text: File: 9 Line: b22 Error Data is in record data. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 30 15 a1 03 02 01 03 a2 0..... 0008: 0e 04 0c bb 00 00 c0 00 ...... 0010: 00 00 00 03 00 00 00 ....... 2ND ERROR Event Type: Error Event Source: Kerberos Event Category: None Event ID: 3 Date: 25/06/2012 Time: 11:39:08 User: N/A Computer: MY_DOMAIN Description: A Kerberos Error Message was received: on logon session Client Time: Server Time: 10:38:47.0000 6/25/2012 Z Error Code: 0x7 KDC_ERR_S_PRINCIPAL_UNKNOWN Extended Error: Client Realm: Client Name: Server Realm: DOMAIN.COM Server Name: OUR_DC.domain.com Target Name: OUR_DC.domain.com@DOMAIN.COM Error Text: File: 9 Line: b22 Error Data is in record data. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. 3RD ERROR Event Type: Error Event Source: Kerberos Event Category: None Event ID: 3 Date: 25/06/2012 Time: 11:39:07 User: N/A Computer: MY_DOMAIN Description: A Kerberos Error Message was received: on logon session DOMAIN\user_id Client Time: Server Time: 10:38:46.0000 6/25/2012 Z Error Code: 0x34 KRB_ERR_RESPONSE_TOO_BIG Extended Error: Client Realm: Client Name: Server Realm: DOMAIN Server Name: krbtgt/DOMAIN Target Name: krbtgt/DOMAIN@DOMAIN Error Text: File: e Line: 6c0 Error Data is in record data. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. I try this. I suggest you can change MaxPacketSize to 1 to force the computer to use Kerberos traffic over TCP instead of UDP. To do this, follow these steps: Start Registry Editor. Locate and then click the following registry subkey: <samp>HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\ Kerberos\Parameters</samp> Note If the Parameters key does not exist, create it now. On the Edit menu, point to New, and then click DWORD Value. Type MaxPacketSize, and then press ENTER. Double-click MaxPacketSize, type 1 in the Value data box, click to select the Decimal option, and then click OK. Quit Registry Editor. Restart your computer. For more information please refer to the following article: How to force Kerberos to use TCP instead of UDP in Windows: http://support.microsoft.com/kb/244474 i also check this http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/78f1026a-7531-4228-b00a-4a334810b539/ But still nothing.

Hi. On server using regedit modified the registry key from (1) to the default value of (0) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters Entry: LogLevel Type: REG_DWORD Default Value: 0 KDC_ERR_S_PRINCIPAL_UNKNOWN 0x7 Server not found in Kerberos databasehttp://www.ietf.org/rfc/rfc4120.txt Kerberos protocol registry entries and KDC configuration keys in Windows Server 2003http://support.microsoft.com/kb/837361/en-usIn addition, whether your account was using third party programs when the error occurs?Regards,Yan Li Yan Li TechNet Community Support

I do like to keep the logs. I dont wont to disable logs for my system.