Security Event (Event ID 675) on an ADS... Pre-authentication failed: User Name: jsmith User ID: DOMAIN\jsmith Service Name: krbtgt/DOMAIN.COM Pre-Authentication Type: 0x0 Failure Code: 0x19 Client Address: 10.10.10.10
jsmith's account works fine in the domain, but from this particular client it's not working. This client (actually a Cisco network device using Kerberbos) authenticates all of the other users ok. Only jsmith has a problem, and only from this client. I can enable the "Do not require pre-authentication" option under ActiveDirectory, and it works, but the fact that I need to do this (and only for one person) tells me there's a problem with something else on the network. Reviewing RFC 1510, I think my failure code means KDC_ERR_SERVICE_REVOKED which translates to "Credentials for server have been revoked". But it does not make sense to me that the server (well, the Cisco device) can still authenticate the other users just fine. Thanks, Scott ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos