Have you got Windows Server 2003 domain controllers?
Have you started the migration to Windows Server 2012 R2?
Have you added a Windows Server 2012 R2 domain controller into the same domain as your Windows Server 2003 domain controllers?
Houston!, you might have a problem!;
When any domain user tries to log on to their computer, the logon may fail with “unknown username or bad password”. Only local logons are successful.
Event ID: 4
Source: Kerberos
Type: Error
"The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/myserver.domain.com. This indicates that the password used to encrypt the Kerberos service ticket is different than that on the target server. Commonly, this is due to identically named machine accounts in the target realm (domain.com), and the client realm. Please contact your system administrator."
Please review this article as there are lots of people having issues and there is currently NO fix!
UPDATE: The hotfix is now available for this issue! Get it at http://support.microsoft.com/kb/2989971
