Lemonde
  • Lemonde
  • 100% (Exalted)
  • Advanced Member Topic Starter
2 years ago
We are seeing:

Log Name: System
Source: Microsoft-Windows-Security-Kerberos
Date: 13/05/2020 03:57:37
Event ID: 5
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: server.domain.local
Description:
The Kerberos client received a KRB_AP_ERR_TKT_NYV error from the server %computername%$. This indicates that the ticket presented to that server is not yet valid (due to a discrepancy between ticket and server time. Contact your system administrator to make sure the client and server times are synchronized, and that the time for the Key Distribution Center Service (KDC) in realm domain.local is synchronized with the KDC in the client realm.
Event Xml:



5
0
2
0
0
0x80000000000000

323619


System
server.domain.local



%computername%$
domain.local





Even though clocks on both servers appear to be in sync..?
Sponsor

Want to thank us? Use: Patreon or PayPal or Bitcoins: 12G4A52Znm5s35buKDEmKU2p2vQY69Nsyo

All opinions expressed within these pages are sent in by members of the public or by our staff in their spare time, and as such do not represent any opinion held by sircles.net Ltd or their partners.


sirclesadmin
2 years ago
Check that there is no DNS IP misconfiguration as this can sometimes cause this.

IIS may need its NTFS permissions reset.

The KDC server may be out of sync with a KDC in your domain.

Your internet options are incorrect - try resetting them
herbet
  • herbet
  • 73.6% (Friendly)
  • Newbie
20 days ago
Yes check that the DNS record for that IP is the correct one and the only one, sometimes a static record in DNS or the DNS registration failed for some reason and needs to be redone with ipconfig /registerdns and the removal of the incorrect record for that IP.