Article ID: 870692 - View products that this article applies to.
When you perform a Kerberos test by running the Netdiag.exe command-line tool on a Microsoft Windows Server 2003-based member server in a Windows 2000-based domain, you receive the following error message:
Note In this error message, domain_name is the fully qualified domain name (FQDN) of your computer.
Kerberos test. . . . . . . . . . . : Failed
[FATAL] Kerberos does not have a ticket for host/domain_name.
This problem occurs because Netdiag.exe searches only for the host/domain_name kind of Kerberos ticket. Netdiag.exe does not search for the computer_name$ kind of Kerberos ticket.
The Kerberos protocol lets you send private information across an otherwise open network. Kerberos tickets are unique keys that are assigned to users and computers when they log on to a network. A Kerberos ticket includes all the user credentials or computer credentials in an encrypted format. These credentials are used to identify a specific user or a specific computer on a network for access to Kerberos services. The following list describes the two types of Kerberos tickets:
For additional information about Kerberos, visit the following Microsoft Web site:
http://msdn2.microsoft.com/en-us/library/aa378747.aspxFor additional information about how to use Netdiag.exe tool, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/321708/ )How to use the Network Diagnostics Tool (Netdiag.exe) in Windows 2000
Contact us for more help
Connect with Answer Desk for expert help.