Enviroment:
Failover Cluster 2012: Physical Nodes: srv-cluster01 and srv-cluster02
Virtual Nodes: srv-fscluster;
Domain: Only 1 Florest and 1 Domain, two Domain Controllers(Replicated and Checked);
I has a Failover Cluster(Server 2012) and one of Role is File Server, from a week to now, xp workstations couldn´t access by nome, only by IP Address;
Machines with Windows 7 is accessing normal by server name;
From Windows XP i Can access too, the physical server from cluster, typing \\srv-cluster01
I findout in my dns server for duplicated names and don´t find any;
With tha same windows xp workstation, i can access another file server that was in another failover cluster, but operational system isn´t 2012, is 2003 R2;
From troubleshooting i get this errors:
1o) The Kerberos client received a KRB_AP_ERR_MODIFIED error from server srv-cluster01$. This indicate that the password used to encrypt the kerberos service ticket is different than that on the target server.
Event ID: 4
2o) Looking Kerberos Tickets(Klist tickets) i get:
Server: krbtgt/DOMINIO.LOCAL@DOMINIO.LOCAL
KerbTicket Encryption Type: Unknown (18)
End Time: 1/29/2013 21:31:03
Renew Time: 2/5/2013 11:31:03
3o) With Wireshark i make a Kerberos Troubleshooting:
DNS Querys -> OK (Query for name \\srv-fscluster -> OK)
ICMP Test -> OK
Negotiate Protocol Request
Negotiate Protocol Response:
SMB(Server Message Block Protocol)
-> Negociate Protocol Response(0x72)
-> Security Blob: xxxxxxxxxxxx
-> GSS-API Generic ...
-> Simple Protected Negotiation
-> negTokenInit
-> mechType: 5 items
MechType: 1.3.6.1.4.1.311.2.2.30 (iso.3.6.1.4.1.311.2.2.30)
MechType: 1.2.840.48018.1.2.2 (MS KRB5 - Microsoft Kerberos 5)
MechType: 1.2.840.113554.1.2.2 (KRB5 - Kerberos 5)
MechType: 1.2.840.113554.1.2.2.3 (KRB5 - Kerberos 5 - User to User)
MechType: 1.3.6.1.4.1.311.2.2.10 (NTLMSSP - Microsoft NTML SecuritySupport Provider)
-> mechListMIC: xxxxxxxxxxxxxxx
principal: not_defined_in_RFC4178@please_ignore
This enviroment was working full in 5 days ago; It working 2 months;