Novell Home

My Favorites

Close

Please to see your favorites.

Unable to authenticate to RDP session using dnsname

This document (7010189) is provided subject to the disclaimer at the end of this document.

Environment

Novell Open Enterprise Server 2 SP3 (OES2SP3)
Domain Services for Window
DSFW

Situation

RDP session authentication fails stating login attempt failed

The kdc.log on the DSFW Domain Controller shows:

Oct 24 14:44:01 OES2SP3-DSFW krb5kdc[18708](info): AS_REQ (6 etypes {18 17 23
24 -135 3}) 172.16.32.139: NEEDED_PREAUTH: gerard@NTS for krbtgt/NTS@NTS,
Additional pre-authentication required
Oct 24 14:44:01 OES2SP3-DSFW krb5kdc[18708](info): AS_REQ (6 etypes {18 17 23
24 -135 3}) 172.16.32.139: ISSUE: authtime 1319460241, etypes {rep=23 tkt=23
ses=23}, gerard@NTS for krbtgt/NTS@NTS
Oct 24 14:44:01 OES2SP3-DSFW krb5kdc[18708](info): TGS_REQ (5 etypes {18 17 23
24 -135}) 172.16.32.139: ISSUE: authtime 1319460241, etypes {rep=23 tkt=23
ses=23}, gerard@NTS.COM for TERMSRV/windows2008r2.nts.com@NTS.COM
Oct 24 14:44:01 OES2SP3-DSFW krb5kdc[18708](info): TGS_REQ (5 etypes {18 17 23
24 -135}) 172.16.32.139: DUP_SKEY DISALLOWED: authtime 0,  gerard@NTS.COM for
TERMSRV/windows2008r2.nts.com@NTS.COM, KDC policy rejects request.

Resolution

The 2012 January Maintenance Patch resolves this issue.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7010189
  • Creation Date:21-FEB-12
  • Modified Date:27-APR-12
    • NovellOpen Enterprise Server
    • NetIQeDirectory

Did this document solve your problem? Provide Feedback