Export (0) Print
Expand All
5 out of 10 rated this helpful - Rate this topic

Audit Kerberos Authentication Service

Updated: June 15, 2009

Applies To: Windows 7, Windows Server 2008 R2

This security policy setting allows you to generate audit events for Kerberos authentication ticket-granting ticket (TGT) requests.

If you configure this policy setting, an audit event is generated after a Kerberos authentication TGT request. Success audits record successful attempts and Failure audits record unsuccessful attempts.

Event volume: High on Kerberos Key Distribution Center servers

Default: Not configured

If this policy setting is configured, the following events are generated. The events appear on computers running Windows Server 2008 R2, Windows Server 2008, Windows 7, or Windows Vista.

 

Event ID Event message

4768

A Kerberos authentication ticket (TGT) was requested.

4771

Kerberos pre-authentication failed.

4772

A Kerberos authentication ticket request failed.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.