Kerberos Key Integrity
Applies To: Windows Server 2008 R2
Kerberos keys are created by the Key Distribution Center (KDC) and derived from the password of the user account. These keys are used by the Kerberos client to communicate with the Kerberos KDC in a secure manner.
Events
| Event ID | Source | Message |
|---|---|---|
Microsoft-Windows-Kerberos-Key-Distribution-Center |
The account for %1 has corrupt keys stored in the DS. Changing or setting the password should restore correct keys. | |
Microsoft-Windows-Kerberos-Key-Distribution-Center |
While processing an AS request for target service %1, the account %2 did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of %3). The requested etypes : %4. The accounts available etypes : %5. Changing or resetting the password of %6 will generate a proper key. | |
Microsoft-Windows-Kerberos-Key-Distribution-Center |
While processing a TGS request for the target server %1, the account %2 did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of %3). The requested etypes were %4. The accounts available etypes were %5. Changing or resetting the password of %6 will generate a proper key. |