Some background here. We're running a Windows 2003 Server environment. We have a Windows 2003 Storage Server that is serving both the Windows servers through file shares and our HP-UX servers using NFS. We started seeing some problems with RPC and disk I/O errors when copying from the HP-UX machines. From the Windows machines, Explorer sometimes takes a long time to display directory contents on the shared directories. Because of the RPC errors, I was thinking that it was taking awhile to authenticate and timing out. While trying to troubleshoot this, I changed the primary DNS server in the network settings and that seemed to improve things quite a bit. This led me to think to look at checking out communication between the domain controllers.
It was at this time that something led me to turn on logging for Kerberos. After doing that, I'm getting event ID 3 errors from source Kerberos. The error code is either 0x7 KDC_ERR_S_PRINCIPAL_UNKNOWN or 0xd KDC_ERR_BADOPTION. Googling has brought back that is caused by SPN that is not registered. There were several sites that recommended using the Network Monitor to find the offending SPN and then gave the instructions to authenticate it. Unfortunely, I am unclear on what to look for in the Network Monitor to determine the bad SPN. And it seems that a lot of the sites I went to just copied and pasted the same instructions. So to sum it up, how do I use Network Monitor to determine the SPN that needs to be authenticated? -Paul ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
