Share via


Kerberos Key Integrity

Applies To: Windows Server 2008

Kerberos keys are created by the Key Distribution Center (KDC) and derived from the password of the user account. These keys are used by the Kerberos client to communicate with the Kerberos KDC in a secure manner.

Events

Event ID Source Message

13

Microsoft-Windows-Kerberos-Key-Distribution-Center

The account for %1 has corrupt keys stored in the DS. Changing or setting the password should restore correct keys.

14

Microsoft-Windows-Kerberos-Key-Distribution-Center

While processing an AS request for target service %1, the account %2 did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of %3). The requested etypes : %4. The accounts available etypes : %5. Changing or resetting the password of %6 will generate a proper key.

16

Microsoft-Windows-Kerberos-Key-Distribution-Center

While processing a TGS request for the target server %1, the account %2 did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of %3). The requested etypes were %4. The accounts available etypes were %5. Changing or resetting the password of %6 will generate a proper key.

Kerberos Key Distribution Center

Core Security