Why when I do a packet capture of kerberos traffic do I see Principal Unknown for CIFS services to a cluster resource. I was under the impression that cifs was native to windows and a SPN was not needed?Here is the frame the failed kdc_err_s_principal_unknown packet Frame: Number = 517, Captured Frame Length = 152, MediaType = ETHERNET- Ethernet: Etype = Internet IP (IPv4),DestinationAddress:[00-22-BE-6E-C8-00],SourceAddress:[00-1F-29-E5-68-AC] - DestinationAddress: 0022BE 6EC800 [00-22-BE-6E-C8-00] IG: (0.......) Individual address UL: (.0......) Universally Administered Address Rsv: (..000000) - SourceAddress: 001F29 E568AC [00-1F-29-E5-68-AC] UL: .0...... Universally Administered Address EthernetType: Internet IP (IPv4), 2048(0x800)- Ipv4: Src = 10.0.112.105, Dest = 10.3.2.165, Next Protocol = TCP, Packet ID = 20931, Total IP Length = 138 - Versions: IPv4, Internet Protocol; Header Length = 20 Version: (0100....) IPv4, Internet Protocol HeaderLength: (....0101) 20 bytes (0x5) - DifferentiatedServicesField: DSCP: 0, ECN: 0 DSCP: (000000..) Differentiated services codepoint 0 ECT: (......0.) ECN-Capable Transport not set CE: (.......0) ECN-CE not set TotalLength: 138 (0x8A) Identification: 20931 (0x51C3) - FragmentFlags: 16384 (0x4000) Reserved: (0...............) DF: (.1..............) Do not fragment MF: (..0.............) This is the last fragment Offset: (...0000000000000) 0 TimeToLive: 128 (0x80) NextProtocol: TCP, 6(0x6) Checksum: 0 (0x0) SourceAddress: 10.0.112.105 DestinationAddress: 10.3.2.165- Tcp: Flags=...AP..., SrcPort=Kerberos(88), DstPort=2515, PayloadLen=98, Seq=3963416069 - 3963416167, Ack=980968913, Win=65535 (scale factor 0x0) = 65535 SrcPort: Kerberos(88) DstPort: 2515 SequenceNumber: 3963416069 (0xEC3CEE05) AcknowledgementNumber: 980968913 (0x3A7865D1) - DataOffset: 80 (0x50) DataOffset: (0101....) 20 bytes Reserved: (....000.) NS: (.......0) Nonce Sum not significant - Flags: ...AP... CWR: (0.......) CWR not significant ECE: (.0......) ECN-Echo not significant Urgent: (..0.....) Not Urgent Data Ack: (...1....) Acknowledgement field significant Push: (....1...) Push Function Reset: (.....0..) No Reset Syn: (......0.) Not Synchronize sequence numbers Fin: (.......0) Not End of data Window: 65535 (scale factor 0x0) = 65535 Checksum: 0x878D, Disregarded UrgentPointer: 0 (0x0) TCPPayload: SourcePort = 88, DestinationPort = 2515- Kerberos: KRB_ERROR - KDC_ERR_S_PRINCIPAL_UNKNOWN (7) - Length: Length = 94 Reserved: (0...............................) Must be Zero (Incorrect formatter specifier for type: %d) Length: (.0000000000000000000000001011110) (94) - KrbError: KRB_ERROR (30) - ApplicationTag: - AsnId: Application Constructed Tag (30) - LowTag: Class: (01......) Application (1) Type: (..1.....) Constructed TagValue: (...11110) 30 - AsnLen: Length = 92, LengthOfLength = 0 Length: 92 bytes, LengthOfLength = 0 - SequenceHeader: - AsnId: Sequence and SequenceOf types (Universal 16) - LowTag: Class: (00......) Universal (0) Type: (..1.....) Constructed TagValue: (...10000) 16 - AsnLen: Length = 90, LengthOfLength = 0 Length: 90 bytes, LengthOfLength = 0 - Tag0: - AsnId: Context Specific Constructed Tag (0) - LowTag: Class: (10......) ConText specific (2) Type: (..1.....) Constructed TagValue: (...00000) 0 - AsnLen: Length = 3, LengthOfLength = 0 Length: 3 bytes, LengthOfLength = 0 - PvNo: 5 - AsnIntegerHeader: - AsnId: Integer type (Universal 2) - LowTag: Class: (00......) Universal (0) Type: (..0.....) Primitive TagValue: (...00010) 2 - AsnLen: Length = 1, LengthOfLength = 0 Length: 1 bytes, LengthOfLength = 0 AsnInt: 5 (0x5) - Tag1: - AsnId: Context Specific Constructed Tag (1) - LowTag: Class: (10......) ConText specific (2) Type: (..1.....) Constructed TagValue: (...00001) 1 - AsnLen: Length = 3, LengthOfLength = 0 Length: 3 bytes, LengthOfLength = 0 - MsgType: KRB_ERROR (30) - AsnIntegerHeader: - AsnId: Integer type (Universal 2) - LowTag: Class: (00......) Universal (0) Type: (..0.....) Primitive TagValue: (...00010) 2 - AsnLen: Length = 1, LengthOfLength = 0 Length: 1 bytes, LengthOfLength = 0 AsnInt: 30 (0x1E) - Tag4: - AsnId: Context Specific Constructed Tag (4) - LowTag: Class: (10......) ConText specific (2) Type: (..1.....) Constructed TagValue: (...00100) 4 - AsnLen: Length = 17, LengthOfLength = 0 Length: 17 bytes, LengthOfLength = 0 - Stime: 02/16/2010 14:05:09 UTC - Time: 02/16/2010 14:05:09 UTC - AsnGeneralizedTimeHeader: - AsnId: GeneralizedTime type (Universal 24) - LowTag: Class: (00......) Universal (0) Type: (..0.....) Primitive TagValue: (...11000) 24 - AsnLen: Length = 15, LengthOfLength = 0 Length: 15 bytes, LengthOfLength = 0 Year: 2010 Month: 02 Day: 16 Hours: 14 Minutes: 05 - SecondString: 09 c: 0 c: 9 TZD: Z - Tag5: - AsnId: Context Specific Constructed Tag (5) - LowTag: Class: (10......) ConText specific (2) Type: (..1.....) Constructed TagValue: (...00101) 5 - AsnLen: Length = 5, LengthOfLength = 0 Length: 5 bytes, LengthOfLength = 0 - SuSec: 815127 - Microseconds: 815127 - AsnIntegerHeader: - AsnId: Integer type (Universal 2) - LowTag: Class: (00......) Universal (0) Type: (..0.....) Primitive TagValue: (...00010) 2 - AsnLen: Length = 3, LengthOfLength = 0 Length: 3 bytes, LengthOfLength = 0 AsnInt: 815127 (0xC7017) - Tag6: - AsnId: Context Specific Constructed Tag (6) - LowTag: Class: (10......) ConText specific (2) Type: (..1.....) Constructed TagValue: (...00110) 6 - AsnLen: Length = 3, LengthOfLength = 0 Length: 3 bytes, LengthOfLength = 0 - ErrorCode: KDC_ERR_S_PRINCIPAL_UNKNOWN (7) - Value: 7 - AsnIntegerHeader: - AsnId: Integer type (Universal 2) - LowTag: Class: (00......) Universal (0) Type: (..0.....) Primitive TagValue: (...00010) 2 - AsnLen: Length = 1, LengthOfLength = 0 Length: 1 bytes, LengthOfLength = 0 AsnInt: 7 (0x7) - Tag9: - AsnId: Context Specific Constructed Tag (9) - LowTag: Class: (10......) ConText specific (2) Type: (..1.....) Constructed TagValue: (...01001) 9 - AsnLen: Length = 8, LengthOfLength = 0 Length: 8 bytes, LengthOfLength = 0 - Realm: domain.org - Realm: domain.org - String: domain.org - String: domain.org - AsnOctetStringHeader: - AsnId: GeneralString type (Universal 27) - LowTag: Class: (00......) Universal (0) Type: (..0.....) Primitive TagValue: (...11011) 27 - AsnLen: Length = 6, LengthOfLength = 0 Length: 6 bytes, LengthOfLength = 0 OctetStream: domain.org - TagA: - AsnId: Context Specific Constructed Tag (10) - LowTag: Class: (10......) ConText specific (2) Type: (..1.....) Constructed TagValue: (...01010) 10 - AsnLen: Length = 37, LengthOfLength = 0 Length: 37 bytes, LengthOfLength = 0 - Sname: cifs/mckhpfstore.domain.org - SequenceHeader: - AsnId: Sequence and SequenceOf types (Universal 16) - LowTag: Class: (00......) Universal (0) Type: (..1.....) Constructed TagValue: (...10000) 16 - AsnLen: Length = 35, LengthOfLength = 0 Length: 35 bytes, LengthOfLength = 0 - Tag0: - AsnId: Context Specific Constructed Tag (0) - LowTag: Class: (10......) ConText specific (2) Type: (..1.....) Constructed TagValue: (...00000) 0 - AsnLen: Length = 3, LengthOfLength = 0 Length: 3 bytes, LengthOfLength = 0 - NameType: NT-SRV-INST (2) - AsnIntegerHeader: - AsnId: Integer type (Universal 2) - LowTag: Class: (00......) Universal (0) Type: (..0.....) Primitive TagValue: (...00010) 2 - AsnLen: Length = 1, LengthOfLength = 0 Length: 1 bytes, LengthOfLength = 0 AsnInt: 2 (0x2) - Tag1: - AsnId: Context Specific Constructed Tag (1) - LowTag: Class: (10......) ConText specific (2) Type: (..1.....) Constructed TagValue: (...00001) 1 - AsnLen: Length = 28, LengthOfLength = 0 Length: 28 bytes, LengthOfLength = 0 - SequenceOfHeader: - AsnId: Sequence and SequenceOf types (Universal 16) - LowTag: Class: (00......) Universal (0) Type: (..1.....) Constructed TagValue: (...10000) 16 - AsnLen: Length = 26, LengthOfLength = 0 Length: 26 bytes, LengthOfLength = 0 - NameString: cifs - String: cifs - String: cifs - AsnOctetStringHeader: - AsnId: GeneralString type (Universal 27) - LowTag: Class: (00......) Universal (0) Type: (..0.....) Primitive TagValue: (...11011) 27 - AsnLen: Length = 4, LengthOfLength = 0 Length: 4 bytes, LengthOfLength = 0 OctetStream: cifs - NameString: mckhpfstore.domain.org - String: mckhpfstore.domain.org - String: mckhpfstore.domain.org - AsnOctetStringHeader: - AsnId: GeneralString type (Universal 27) - LowTag: Class: (00......) Universal (0) Type: (..0.....) Primitive TagValue: (...11011) 27 - AsnLen: Length = 18, LengthOfLength = 0 Length: 18 bytes, LengthOfLength = 0 OctetStream: mckhpfstore.domain.orgPeter D. Wood

Hi ,SMB is native to windows, so if SPN is not set for your service you will see the above error.