Event ID:5 The Kerberos client received a KRB_AP_ERR_TKT_NYV error from the...

Lemonde
100% (Exalted)
Advanced Member Topic Starter

3 years ago

We are seeing:

Log Name: System
Source: Microsoft-Windows-Security-Kerberos
Date: 13/05/2020 03:57:37
Event ID: 5
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: server.domain.local
Description:
The Kerberos client received a KRB_AP_ERR_TKT_NYV error from the server %computername%$. This indicates that the ticket presented to that server is not yet valid (due to a discrepancy between ticket and server time. Contact your system administrator to make sure the client and server times are synchronized, and that the time for the Key Distribution Center Service (KDC) in realm domain.local is synchronized with the KDC in the client realm.
Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Security-Kerberos" Guid="{98E6CFCB-EE0A-41E0-A57B-622D4E1B30B1}" EventSourceName="Kerberos" />
<EventID Qualifiers="16384">5</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2020-05-13T02:57:37.000000000Z" />
<EventRecordID>323619</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>server.domain.local</Computer>
<Security />
</System>
<EventData>
<Data Name="Server">%computername%$</Data>
<Data Name="KDCRealm">domain.local</Data>
<Binary>
</Binary>
</EventData>
</Event>

Even though clocks on both servers appear to be in sync..?

Edited by moderator 10 months ago | Reason: Not specified

Refurbished Computers Berkshire
Data Recovery Berkshire

Sponsor

Want to thank us? Use: Patreon or PayPal or Bitcoins: bc1q4whppe29dw77rm4kv4pln0gqae4yjnxly0dny0hky6yhnafukzjsyrsqhk

All opinions expressed within these pages are sent in by members of the public or by our staff in their spare time, and as such do not represent any opinion held by sircles.net Ltd or their partners.

Wanna join the discussion?! Login to your PC & Mac Help and Assistance forum account or Register a new forum account

sirclesadmin
100% (Exalted)
Administration

3 years ago

Check that there is no DNS IP misconfiguration as this can sometimes cause this.

IIS may need its NTFS permissions reset.

The KDC server may be out of sync with a KDC in your domain.

Your internet options are incorrect - try resetting them

IT Support Berkshire
Buy new and refurbished computer equipment

herbet
91% (Exalted)
Newbie

a year ago

Yes check that the DNS record for that IP is the correct one and the only one, sometimes a static record in DNS or the DNS registration failed for some reason and needs to be redone with ipconfig /registerdns and the removal of the incorrect record for that IP.

Important Information:

The PC & Mac Help and Assistance uses cookies. By continuing to browse this site, you are agreeing to our use of cookies. More Details Close