Event ID 7 — Security Accounts Manager Availability
Applies To: Windows Server 2008
The Security Accounts Manager (SAM) database on the Kerberos client is used to authenticate requests from the Kerberos Key Distribution Center (KDC). The SAM database must be available for the Kerberos client authentication request to succeed.
Event Details
Product: | Windows Operating System |
ID: | 7 |
Source: | Microsoft-Windows-Kerberos-Key-Distribution-Center |
Version: | 6.0 |
Symbolic Name: | KDCEVENT_SAM_CALL_FAILED |
Message: | The Security Account Manager failed a KDC request in an unexpected way. The error is in the data field. The account name was %1 and lookup type %2. |
Resolve
Restart the Kerberos client computer
The Security Accounts Manager (SAM) service is used to manage access to the SAM database. You must restart the Kerberos client computer to restart the Security Accounts Manager service.
Verify
To verify that the local Security Accounts Manager (SAM) database is available to authentication requests from the Key Distribution Center (KDC), ensure that a Kerberos ticket was received from the KDC and cached on the local computer. You can view cached Kerberos tickets on the local computer by using the Klist command-line tool.
Note: Klist.exe is not included with Windows Vista, Windows Server 2003, Windows XP, or Windows 2000. You must download and install the Windows Server Resource Kit before you can use Klist.exe.
To view cached Kerberos tickets by using Klist:
- Log on to a Kerberos client computer within your domain.
- Click Start, point to All Programs, click Accessories, and then click Command Prompt.
- Type klist tickets, and then press ENTER.
- Verify that a cached Kerberos ticket is available.
- Ensure that the Client field displays the client on which you are running Klist.
- Ensure that the Server field displays the domain in which you are connecting.
- Close the command prompt.