I have an error event on my cluster nodes (active, active, passive) from Kerberos that just began a couple weeks ago after I installed a product called GoExchange. Please see below. The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/host.mydomain.com. The target name used was evsname. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named machine accounts in the target realm (MYDOMAIN.COM), and the client realm. Please contact your system administrator. I did some googling and found some forums that outlined a few troubleshooting steps but in all cases the SPN's check out, LDAP queries indicate 1 entry for the host name. DNS A and PTR records check out.I do not have duplicate IP's or Duplicate Names. Time is correct on the local GC servicing the exchange servers. I found one posting that stated this is a cosmetic issue caused by SP2. I also found a Microsoft KB article that stated it was fixed by SP2. Please share with me any information you may have on this kerberos error. It is only occuring on my Exchange servers and it is not effecting users or the machines. I went as far as disabling the services associated with the Goexchange product butto now prevail. I have not gone as far as uninstalling GoExchange in the event it is a cosmetic issue.

You must review configuration on your GoExchange product as it does not modify the SPN records when moving to another node! Deli

This is most likely true. I failed my virtual nodes over to different physical nodes and as a result I had to restart the GoExchange services. Aparently, the application creates com connectionss with the virtual server inorder to perform the maintenance tasks and the failover breaks this line of communication. Are there any long term effects of this Kerberos error?

The short term problem is that Kerberos authentication does not work! You will fallback to NTLM authentication You need to solve this problem but probably this is a known issue for GoExchange so you should request support from them. We had this a few times with Veritas Clustering of Exchange and it was just one checkbox and the problem was solved! Deli

Deli, What was the checkbox you checked or unchecked to solve this problem. We are having the same problem within our enviroment and looking for a soluting. Any help would be appreciated. Thanks, BoB