Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

KDC Certificate Availability

Updated: November 30, 2007

Applies To: Windows Server 2008

Kerberos uses certificates to encrypt communication between the Kerberos client and the Kerberos Key Distribution Center (KDC).

Events

Event ID Source Message

19

Microsoft-Windows-Kerberos-Key-Distribution-Center

This event indicates an attempt was made to use smartcard logon, but the KDC is unable to use the PKINIT protocol because it is missing a suitable certificate.

20

Microsoft-Windows-Kerberos-Key-Distribution-Center

The currently selected KDC certificate was once valid, but now is invalid and no suitable replacement was found. Smartcard logon may not function correctly if this problem is not remedied. Have the system administrator check on the state of the domain's public key infrastructure. The chain status is in the error data.

29

Microsoft-Windows-Kerberos-Key-Distribution-Center

The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate.

Related Management Information

Kerberos Key Distribution Center

Core Security

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.