Active Directory Domain Services Replication Availability
Applies To: Windows Server 2008 R2
The Kerberos Key Distribution Center (KDC) uses a key ticket version to ensure that the keys are current across domain controllers acting as KDCs. The key ticket version is replicated to the other domain controllers by using Active Directory Domain Services (AD DS) replication.
Events
| Event ID | Source | Message |
|---|---|---|
Microsoft-Windows-Kerberos-Key-Distribution-Center |
When generating a cross realm referal from domain %1 the KDC was not able to find the suitable key to verify the ticket. The ticket key version in the request was %2 and the available key version was %3. This most common reason for this error is a delay in replicating the keys. In order to remove this problem try forcing replication or wait for the replication of keys to occur. |