Event Source: | Microsoft Windows Kerberos Key Distribution Center |
Event ID: | 120 (0x78) |
Event log: | Microsoft-Windows-Kerberos-Key-Distribution-Center/Operational |
Event type: | Error |
Event text (English): | The Key Distribution Center (KDC) failed to validate its current KDC certificate. This KDC might not be enabled for smart card or certificate authentication. Kdc Certificate Information: Issuer Name: %1 Serial Number: %2 Thumbprint: %3 Template: %4 Kerberos Error: %5 Validation Error: %6 |
Event text (German): | The Key Distribution Center (KDC) could not verify the current KDC certificate. This KDC may not be able to be used for smart card or certificate authentication. KDC certificate information: Issuer name: %1 Serial number: %2 Fingerprint: %3 Template: %4 Kerberos error: %5 Verification error: %6 |
Parameter
The parameters contained in the event text are filled with the following fields:
- %1: Issuer (win:UnicodeString)
- %2: SerialNumber (win:UnicodeString)
- %3: Thumbprint (win:UnicodeString)
- %4: Template (win:UnicodeString)
- %5: KerbErr (win:UInt32)
- %6: ErrorCode (win:UInt32)
Description
This event is generated only if the corresponding event log has been explicitly enabled.
Safety assessment
The security assessment is based on the three dimensions of confidentiality, integrity and availability.
No description has been written for this yet.
Related links:
- Overview of Active Directory events relevant for PKI
- Overview of Windows events generated by the certification authority
- Overview of audit events generated by the Certification Authority
External sources
- What's New in Kerberos Authentication (Microsoft)