Trouble with RDP Over Hostname – Possible Kerberos Issues?

By
William Rossbach
-
0
10
Asked By CuriousCoder42 On

I'm stuck trying to troubleshoot a problem that just appeared this week with Remote Desktop Protocol (RDP) when trying to connect using hostnames. Using the IP address seems to work just fine. After restarting a computer, RDP will work for a few hours, but then it suddenly stops responding again.

I suspect it's a Kerberos issue based on packet captures showing a KRB Error: KRB5KRB_AP_ERR_Modified. The event logs from the client I'm connecting from also show Event ID 3 with a Kerberos error message. There seems to be a mismatch between the client and server timestamps and some other detailed information indicating issues related to Kerberos ticket requests.

I've checked that there's no replication problems between the Domain Controllers and verified that there are no duplicate Service Principal Names (SPNs). I've ensured that DNS resolution is adequate and that the system clocks are synchronized. I've also disabled antivirus and remote management tools to eliminate those as possible causes, and attempted to manually reset the AD machine password without success. Any clues on what my next steps should be?

3 Answers

Answered By SysAdminGuru99 On

Is this happening with all machines or just a few? Since IP connects via NTLM instead of Kerberos, your assessment about it leaning towards a Kerberos issue sounds spot on. Have you checked the domain or DC policies to see if anyone has recently changed them?

Answered By TechieTim29 On

It appears to be a sporadic issue affecting all machines—sometimes RDP works, sometimes not. I checked the GPOs, and nothing seems off there either. Interestingly, I was also about to ask if you've noticed any connection problems when using the IP. Kerberos relies on proper communication with your Domain Controllers.

Answered By UpdateSeeker88 On

There have been some recent updates that were known to affect both NTLM and Kerberos functionalities. Have you looked into those updates yet? They might provide some insight into the trouble you’re experiencing.

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.