Cross realm auth with MS Server 2003 and MIT kerb

Jeffrey Altman jaltman2 at
Thu Oct 21 09:40:11 EDT 2004

BarBaar wrote:
> Hi,
> I found the following message on my w2k3 AD:
> 10/21/2004	11:48:35 AM	Kerberos	Error	None	3	N/A	BART	"A Kerberos
> Error Message was received:
>          on logon session 
>  Client Time: 
>  Server Time: 9:48:35.0000 10/21/2004 Z
>  Error Code: 0xd KDC_ERR_BADOPTION
>  Extended Error: 0xc00000bb KLIN(0)
>  Client Realm: 
>  Client Name: 
>  Server Realm: TEST.NL
>  Server Name: host/
>  Target Name: host/ at TEST.NL
>  Error Text: 
>  File: 9
>  Line: ab8
>  Error Data is in record data."
> 10/21/2004	11:33:35 AM	Kerberos	Error	None	3	N/A	BART	"A Kerberos

This is not related to the PAC.  Your MIT KDC is rejecting the request.
Look in the KDC log file.  You may need to use a network monitor to look
at the error data if the KDC log does not contain enough information.

This e-mail account is not read on a regular basis.
Please send private responses to jaltman at mit dot edu

More information about the Kerberos mailing list