5.9. Error Message Specification

5.9.1. KRB_ERROR Definition

Message structure for error responses:

• pvno - Protocol version number
• msg-type - Message type (KRB-ERROR)
• ctime - Optional client timestamp
• cusec - Optional client microseconds
• stime - Server timestamp
• susec - Server microseconds
• error-code - Error code number
• crealm - Optional client realm
• cname - Optional client name
• realm - Server realm
• sname - Server name
• e-text - Optional error text
• e-data - Optional error-specific data

Error Codes

Various error codes defined including:

• KDC_ERR_NONE
• KDC_ERR_NAME_EXP
• KDC_ERR_SERVICE_EXP
• KDC_ERR_BAD_PVNO
• KDC_ERR_C_OLD_MAST_KVNO
• And many others (see Section 7.5.9)

Usage

• Returned when requests cannot be satisfied
• Provides diagnostic information
• May include additional data for specific errors
• Used in AS, TGS, and AP exchanges

Reference

For complete specification and error code list, refer to RFC 4120 Section 5.9.