Open Software Solutions

Consider the following scenario:

•	A client performs Kerberos authentication against a Windows Server 2008-based domain controller.
•	The client requests a ticket-granting ticket (TGT) by specifying the host principal name as the client name in the KRB_AS_REQ packet.

In this scenario, authentication fails, and the following error code is returned:

This problem may occur when a third-party implementation of a Kerberos client interoperates with a Windows Server 2008-based domain controller. For example, this problem may occur if a principal name in the service/user@realm.com format is used to generate a keytab file.

Back to the top

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a Hotfix download available section at the top of this Knowledge Base article. If this section does not appear, submit a request to Microsoft Online Customer Services to obtain the hotfix. To submit an online request to obtain the hotfix, visit the following Microsoft Web site:

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. To create a separate service request, visit the following Microsoft Web site:

Note The Hotfix download available section and the online request forms display the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Prerequisites

There are no prerequisites for installing this hotfix.

Restart requirement

You must restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace a previously released hotfix.

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

Windows Server 2008, x86-based versions

File name	File version	File size	Date	Time	Platform
Kdcsvc.dll	6.0.6001.22162	311,296	18-Apr-2008	05:30	x86
Kdcsvc.mof	Not applicable	5,300	18-Dec-2007	21:27	Not applicable

Windows Server 2008, x64-based versions

File name	File version	File size	Date	Time	Platform
Kdcsvc.dll	6.0.6001.22162	404,480	18-Apr-2008	06:40	x64
Kdcsvc.mof	Not applicable	5,300	18-Dec-2007	21:27	Not applicable

Back to the top

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the Applies to section.

Back to the top

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

Back to the top