Unable to authenticate to RDP session using dnsname

  • 7010189
  • 21-Feb-2012
  • 27-Apr-2012

Environment

Novell Open Enterprise Server 2 SP3 (OES2SP3)
Domain Services for Window
DSFW

Situation

RDP session authentication fails stating login attempt failed

The kdc.log on the DSFW Domain Controller shows:

Oct 24 14:44:01 OES2SP3-DSFW krb5kdc[18708](info): AS_REQ (6 etypes {18 17 23
24 -135 3}) 172.16.32.139: NEEDED_PREAUTH: gerard@NTS for krbtgt/NTS@NTS,
Additional pre-authentication required
Oct 24 14:44:01 OES2SP3-DSFW krb5kdc[18708](info): AS_REQ (6 etypes {18 17 23
24 -135 3}) 172.16.32.139: ISSUE: authtime 1319460241, etypes {rep=23 tkt=23
ses=23}, gerard@NTS for krbtgt/NTS@NTS
Oct 24 14:44:01 OES2SP3-DSFW krb5kdc[18708](info): TGS_REQ (5 etypes {18 17 23
24 -135}) 172.16.32.139: ISSUE: authtime 1319460241, etypes {rep=23 tkt=23
ses=23}, gerard@NTS.COM for TERMSRV/windows2008r2.nts.com@NTS.COM
Oct 24 14:44:01 OES2SP3-DSFW krb5kdc[18708](info): TGS_REQ (5 etypes {18 17 23
24 -135}) 172.16.32.139: DUP_SKEY DISALLOWED: authtime 0,  gerard@NTS.COM for
TERMSRV/windows2008r2.nts.com@NTS.COM, KDC policy rejects request.

Resolution

The 2012 January Maintenance Patch resolves this issue.