Regedeter
asked on
Pre login failed
I have a XP box that Pre-authentication failed:
User Name:
WS-DOCOFFICE-1$
User ID:
HPVC\WS-DOCOFFICE-1$
Service Name:
krbtgt/HPVC.LOCAL
Pre-Authentication Type:
0x0
Failure Code:
0x19
Client Address:
192.168.16.29
Any idea why?
User Name:
WS-DOCOFFICE-1$
User ID:
HPVC\WS-DOCOFFICE-1$
Service Name:
krbtgt/HPVC.LOCAL
Pre-Authentication Type:
0x0
Failure Code:
0x19
Client Address:
192.168.16.29
Any idea why?
Re: the pre-authentication failed, there's an Experts Exchange article that suggests that it is a username/password error and is not critical unless it is happening often: https://www.experts-exchange.com/questions/23200106/Pre-authentication-failed-EventID-675-Failure-Code-0x12.html.
Secondarily, you should setup a time server on your domain controller.
From http://support.microsoft.com/kb/816042
Configuring the Windows Time service to use an external time source
HKEY_LOCAL_MACHINE\SYSTEM\ CurrentCon trolSet\Se rvices\W32 Time\Param eters\Type
Modify the Type entry & change to “NTP” without the quotes
HKEY_LOCAL_MACHINE\SYSTEM\ CurrentCon trolSet\Se rvices\W32 Time\Confi g\Announce Flags
Change the AnnounceFlags to 5
HKEY_LOCAL_MACHINE\SYSTEM\ CurrentCon trolSet\Se rvices\W32 Time\TimeP roviders\N tpServer
Change Enabled to 1
HKEY_LOCAL_MACHINE\SYSTEM\ CurrentCon trolSet\Se rvices\W32 Time\Param eters
Change NtpServer to “tock.usno.navy.mil,0x1” without the quotes
HKEY_LOCAL_MACHINE\SYSTEM\ CurrentCon trolSet\Se rvices\W32 Time\TimeP roviders\N tpClient\S pecialPoll Interval
Change SpecialPollInterval to 900 decimal
HKEY_LOCAL_MACHINE\SYSTEM\ CurrentCon trolSet\Se rvices\W32 Time\Confi g\MaxPosPh aseCorrect ion
Change MaxPosPhaseCorrection to 3600 decimal
HKEY_LOCAL_MACHINE\SYSTEM\ CurrentCon trolSet\Se rvices\W32 Time\Confi g\MaxNegPh aseCorrect ion
Change MaxNegPhaseCorrection to 3600 decimal
From the Command Prompt:
net stop w32time && net start w32time
Once this is working, publish the time server IP Address in your DHCP scope (004):
From http://support.microsoft.com/kb/816042
Configuring the Windows Time service to use an external time source
HKEY_LOCAL_MACHINE\SYSTEM\
Modify the Type entry & change to “NTP” without the quotes
HKEY_LOCAL_MACHINE\SYSTEM\
Change the AnnounceFlags to 5
HKEY_LOCAL_MACHINE\SYSTEM\
Change Enabled to 1
HKEY_LOCAL_MACHINE\SYSTEM\
Change NtpServer to “tock.usno.navy.mil,0x1” without the quotes
HKEY_LOCAL_MACHINE\SYSTEM\
Change SpecialPollInterval to 900 decimal
HKEY_LOCAL_MACHINE\SYSTEM\
Change MaxPosPhaseCorrection to 3600 decimal
HKEY_LOCAL_MACHINE\SYSTEM\
Change MaxNegPhaseCorrection to 3600 decimal
From the Command Prompt:
net stop w32time && net start w32time
Once this is working, publish the time server IP Address in your DHCP scope (004):
so regarding my first comment, ignore it. The page referenced in the EE article is no longer online and the article itself has a different error than yours.
How often do you get that error and do you get it only for the one host? Is the host (ip address 192.168.16.29) a domain controller?
How often do you get that error and do you get it only for the one host? Is the host (ip address 192.168.16.29) a domain controller?
If this is a domain controller, it could be if you've got windows vista or windows 7 clients on the domain trying to use AES encryption to authenticate the login message. Windows 2003 does not support AES Encryption: http://social.technet.microsoft.com/Forums/en/winserversecurity/thread/4db3bb1a-5cdf-4874-b58f-f3cbba0ea80a
The article goes further to say that you can enter the following registry key on the Vista (or newer) workstations to force a lesser encryption type:
HKEY_LOCAL_MACHINE\SYSTEM\ CurrentCon trolSet\Co ntrol\Lsa\ Kerberos\P arameters
Name: DefaultEncryptionType
Type: REG_DWORD
Value: 23 (dec) or 0x17 (hex)
Reboot the computers for the change to take effect.
The article goes further to say that you can enter the following registry key on the Vista (or newer) workstations to force a lesser encryption type:
HKEY_LOCAL_MACHINE\SYSTEM\
Name: DefaultEncryptionType
Type: REG_DWORD
Value: 23 (dec) or 0x17 (hex)
Reboot the computers for the change to take effect.
ASKER
This is just one workstation of three that can't access the server.
What version of Windows on the workstation?
Can you verify the DNS Settings on the workstation and ensure they are set to an Active Directory DNS Server?
Can you ping the server by name?
Can you ping the server by IP Address?
Can you try to remove and re-add one of the workstations from the domain?
Can you verify the DNS Settings on the workstation and ensure they are set to an Active Directory DNS Server?
Can you ping the server by name?
Can you ping the server by IP Address?
Can you try to remove and re-add one of the workstations from the domain?
ASKER
Why use an external time source?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you for all the help, I will try all of this tomorrow at the office.
ASKER
It is fixed, thank you.
ASKER
Summary for HPVC-SERVER
Open in new window