Failure Audit Security Event ID: 675 Pre-Authentication Failed krbtgt/[domain]

Posted on 2006-05-04
Last Modified: 2012-05-05
A few users have had some difficulties logging into the network this morning.  I check the event log and noticed a few instances of the following.  This event was followed by Event ID: 529 by the users having trouble.  I was able to get the users logged into after stopping and starting the Kerberos service, but I would like to find the cause of the problem.  Anyone have any ideas?  Thanks in advance for any help.

Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event ID: 675
Computer: SERVER(PDC)

Pre-authentication failed:
User Name: Administrator
User ID: [domain]\administrator
Service Name: krbtgt/[domain]
Pre-Authentication Type: 0x2
Failure Code: 0x18
Client Address:
Question by:AzagThothe
    LVL 6

    Expert Comment

    There's some good explanation on this event here, with some things for you to consider:

    Good luck

    Author Comment

    I may have found the problem.  We have a backup DC that is running in another building.  I noticed yesterday that it was turned off.  It seems to have been either off or not replication for several months, meaning that it was tombstoned and AD replications have not been occuring.  I just recently started this position and I am still trying to get a feel for the network.  Some of the users were more then likely trying to authenticate with the backup dc with new passwords.

    I am now running into another issue with "repadmin".

    I determined that the backup dc that I turned on yesterday is the cause of some 2042 directory service event ids, using repadmin /showrepl.  I am getting an invalid arguments error when I try to use the repadmin /removelingeringobjects command.  I do not want to force a replication through the registry before lingering objects are deleted.  Can anyone give me any tips here?
    LVL 6

    Accepted Solution

    Here's the Technet article on what to do in your situation:


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    How to sign a powershell script so you can prevent tampering, and only allow users to run authorised Powershell scripts
    Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now