Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Win2k3 lost it's domain

From: Nicholas Diotte <xphox () xphox net>
Date: 8 Apr 2004 15:48:28 -0000


Good afternoon,

Today I ran into a strange problem, and after playing around a bit, and an hour of searching, I was unable to find a 
solution.

I have a management server that runs IT related services... last night I installed SQL 2000 SP3, and IBM Director.  
When I came in this morning, I noticed the machine was no longer part of the domain, and the only thing I found in the 
event viewer was the following.

<snip>
The kerberos subsystem encountered a PAC verification failure.  This indicates that the PAC from the client <computer 
name>$ in realm <my domain> had a PAC which failed to verify or was modified.  Contact your system administrator.
</snip>

I've checked all the common things... everything that I was able to find on google, and newgroups...  Most people 
report they just rejoined the domain and everything worked fine, however because this is a certificate authority server 
I had to revert to my last system state.  

1) Is this an alert that I need to jump on, or is this more or less simply just a case of active directory loosing it's 
mind?  I would like to understand exactly what happened here, but I'm unable to dig up any decent answers.  

2) Should Certificate Authority Services be run on a dedicated machine?

If this isn't a security-basics question, feel free to deny the post.

Thanks,
Nick



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: