Kerberos using wrong username to request tickets and servi..

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

I logged onto my workstation (XP Pro on Win2k AD domain) earlier this week
using a different username. Now when I log into my PC with MY username, the
DC's security event log is showing that the kerberos service tickets are
being requested by the other user.

The problem is that the other user is simply a domain user, but I am a
Domain Admin. I only have the rights of a normal user now using MMC to
administer the domain. Also, when I do a net use to an $admin drive share on
another pc, I get the login dialog box with the OTHER user already in the
username field - instead of just letting me in like it always did.

How can I re-set the user that my Kerberos client is using to request
tickets and services from my PC?!?!
I have already done the following:

1. Removed the other users profile from my PC - and did a search of the
registry, and the user name is nowhere to be found except in the old
\documents and settings\profile path
2. Disabled the other user in AD - but then I get all kinds of kerberos
failures and errors on my PC and the DC's security log - MMC doesnt work at
all at that point.
3. Tried to run setspn.exe - errors finding object
4. Spent the last 6 hours searching other forums and KB's to no avail
5. Removed and re-joined my PC to the domain.

Shouldnt kerberos ONLY request tickets and services using the currently
logged on user?

Whoever knows the answer to this one is a TRUE MASTER! HELP!!

Thanks,
Mike

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

Double check that there are no entries in "stored credentials" on the XP
computer that are being used to access the resource. Use whoami or set
command to view what user the computer shows as logged on. Persistent
credentials for a mapped drive could also cause another user to show as
being authenticated in the dc log. --- Steve

http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/Windows/XP/all/reskit/en-us/prdp_log_vkxx.asp
-- XP stored credentials

"Mike V" <Mike V@discussions.microsoft.com> wrote in message
news:12679EAF-7E09-4332-96EA-19D124E1EF88@microsoft.com...
>I logged onto my workstation (XP Pro on Win2k AD domain) earlier this week
> using a different username. Now when I log into my PC with MY username,
> the
> DC's security event log is showing that the kerberos service tickets are
> being requested by the other user.
>
> The problem is that the other user is simply a domain user, but I am a
> Domain Admin. I only have the rights of a normal user now using MMC to
> administer the domain. Also, when I do a net use to an $admin drive share
> on
> another pc, I get the login dialog box with the OTHER user already in the
> username field - instead of just letting me in like it always did.
>
> How can I re-set the user that my Kerberos client is using to request
> tickets and services from my PC?!?!
> I have already done the following:
>
> 1. Removed the other users profile from my PC - and did a search of the
> registry, and the user name is nowhere to be found except in the old
> \documents and settings\profile path
> 2. Disabled the other user in AD - but then I get all kinds of kerberos
> failures and errors on my PC and the DC's security log - MMC doesnt work
> at
> all at that point.
> 3. Tried to run setspn.exe - errors finding object
> 4. Spent the last 6 hours searching other forums and KB's to no avail
> 5. Removed and re-joined my PC to the domain.
>
> Shouldnt kerberos ONLY request tickets and services using the currently
> logged on user?
>
> Whoever knows the answer to this one is a TRUE MASTER! HELP!!
>
> Thanks,
> Mike