Link to home
Start Free TrialLog in
Avatar of lunanat
lunanatFlag for Canada

asked on

Security event 675, code 0x19 - Logging into Win2k8

Every time any domain account logs into a Win2k8 server, it generates an error such as :

Security: 675: NT AUTHORITY\SYSTEM: Pre-authentication failed: User Name: vbroker User ID: %{S-1-5-21-448539723-1606980848-682003330-3195} Service Name: krbtgt/<domain> Pre-Authentication Type: 0x0 Failure Code: 0x19 Client Address: 192.168.11.111(server15)

Domain is 2003 Native.

What other information is needed to troubleshoot?  Failure code 0x19 means that the kerberos pre-authentication failed.

DCdiag, netdiag, and repldiag show no interesting information about the matter.
Avatar of lunanat
lunanat
Flag of Canada image

ASKER

Correction... repladmin, not repldiag.  Single-track mind day.
Avatar of Pber
Pber
Flag of Canada image
Is the server and client forward and reverse DNS records correct?  The reason being is that KERBEROS (which is the service complaining about the pre-authentication failure), relies on DNS to resolve the FQDN to be able to issue the KERBEROS tickets.
 
Avatar of lunanat
lunanat
Flag of Canada image

ASKER

Yes, the A and PTR records for all of the Win2k8 servers, as well as all of my DCs are accurate.
Avatar of Pber
Pber
Flag of Canada image
What about the client's machine?  Or is he/she logging onto the server?
Avatar of lunanat
lunanat
Flag of Canada image

ASKER

The errors are logged when accessing services hosted off of the server, and when a user logs in directly to the server - either at the console, or over MSTSC.

Unfortunately, none of the linked articles were able to provide assistance.. I'd looked through the first two before I posted here.
ASKER CERTIFIED SOLUTION
Avatar of lunanat
lunanat
Flag of Canada image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial