Target Principal Name is Incorrect

June 25, 2009

A few weeks ago I was given the task of expanding the D drive on a client’s file server (FP01), which is also a domain controller running Windows Server 2003 R2 Standard SP2. The FSMO roles were on DC01. The C and D drives were on the same RAID 5 array, and part of the brief was to remove the RAID 5 array and create a single RAID 1 for the OS (C drive) and a RAID 5 for the data (D drive). I ghosted both partitions to a portable HDD, created the arrays and ghosted back, expanding the D drive of the server. All went well except for the following messages in the event log.

* Active Directory was restored using an unsupported manner. netlogon service is stopped.
* Naming information cannot be located because: The target principal name is incorrect (shown whenever Active Directory Users and Computers is run)
* Event ID 4, Kerberos client received a KRB_AP_ERR_MODIFIED error

After researching this to death, the following is what I did to fix the problem.

1. Stop the Key Distribution Center (KDC) service on FP01.
Open a Command Prompt, type net stop KDC, and press Enter.

2. Install the Server 2003 support tools if not loaded already and launch Kerbtray.exe.
Click Start, Run, and then type kerbtray.exe and press Enter.
A little green ticket icon will appear in your system tray.

Note: At this point I launched the kerbtray application and noticed duplicate tickets issued to FP01.

3. Purge the ticket cache on FP01.
Right-click the green ticket icon in your system tray, and then click Purge Tickets.
You should receive a confirmation that your ticket cache was purged. Click OK.

4. Reset the server's domain controller account password on DC01 (the PDC emulator).
Open a command prompt and type: netdom resetpwd /server:FP01 /userd:domain.com\administrator /passwordd:password, and then press Enter.

5. Synchronize the domain.
Open a command prompt, type repadmin /syncall, and then press Enter.

6. Start the KDC service on FP01.
Open a command prompt, type net start KDC, and press Enter.

This completed the process, and the domain controllers were replicating successfully.
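
The following is an added example, not part of the original post: a small triage script that scans exported event log rows for the Kerberos Event ID 4 / KRB_AP_ERR_MODIFIED symptom listed above and reports which server several machines are failing to authenticate to. The CSV layout, the message wording, and the names WS07 and print02 are assumptions made for the constructed sample; FP01, DC01 and domain.com are taken from the post.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed sample rows: time, source, event ID, reporting computer, message.
# The message wording is an assumed export format; WS07 and print02 are made up.
SAMPLE = """\
2009-06-20 09:14:02,Kerberos,4,DC01,The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/fp01.domain.com.
2009-06-20 09:14:09,Kerberos,4,DC01,The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/fp01.domain.com.
2009-06-20 09:15:40,Kerberos,4,WS07,The kerberos client received a KRB_AP_ERR_MODIFIED error from the server cifs/FP01.domain.com.
2009-06-20 09:16:00,Service Control Manager,7036,FP01,The Net Logon service entered the stopped state.
2009-06-20 09:20:11,Kerberos,4,WS07,The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/print02.domain.com.
"""

TARGET_RE = re.compile(r"KRB_AP_ERR_MODIFIED error from the server (\S+)")


def host_of(spn):
    """Reduce 'host/fp01.domain.com.' or 'cifs/FP01.domain.com' to 'fp01'."""
    name = spn.rstrip(".").split("/", 1)[-1]
    return name.split(".", 1)[0].rstrip("$").lower()


def triage(csv_text, min_reporters=2):
    """Map each failing server to its event count and reporting machines.

    Heuristic: a server that several machines cannot authenticate to points
    at that server's own account password, not at one client's stale ticket.
    """
    seen = defaultdict(lambda: {"events": 0, "reporters": set()})
    for row in csv.reader(io.StringIO(csv_text)):
        if len(row) != 5 or row[1].lower() != "kerberos" or row[2] != "4":
            continue  # not a Kerberos Event ID 4 record
        match = TARGET_RE.search(row[4])
        if match:
            entry = seen[host_of(match.group(1))]
            entry["events"] += 1
            entry["reporters"].add(row[3].upper())
    return {
        host: {"events": e["events"], "reporters": sorted(e["reporters"])}
        for host, e in sorted(seen.items())
        if len(e["reporters"]) >= min_reporters
    }


if __name__ == "__main__":
    for host, info in triage(SAMPLE).items():
        print(f"{host}: {info['events']} events from {', '.join(info['reporters'])}")
```

A server flagged here is a candidate for the account password reset in step 4; a server reported by only one machine is filtered out by default because a single stale ticket cache can produce the same event.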