Solved

Pre-Authentication failures on DC

Posted on 2014-02-05
1
464 Views
1 Endorsement
Last Modified: 2014-02-06
I have seen these in the event viewer on my DCs for a while and have never been able to figure out the cause. It has never caused any issues that I am aware of but I would like to see if i can figure out what exactly is going on to cause these messages. And hopefully resolve them.

Our domain is still 2003 forest and function level but we have performed the prep for 2008 r2.

Event ID 675
Source Security

Pre-authentication failed:
       User Name:      usrname
       User ID:            domainname\usrname
       Service Name:      krbtgt/domainname
       Pre-Authentication Type:      0x0
       Failure Code:      0x19
       Client Address:      192.168.100.149

These will show up with different users from within our organization but as I said never seen to cause any issues such as lockouts etc.
1
Comment
Question by:Joseph Daly
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 39837651
You are getting this warning due to a AES 128 encryption which is being sent using either Windows Vista/7 or server 2008 member servers. This is a new encryption format that there clients and servers user. 2003 DC's do not support this type of encryption which throws an error in the event log. This event is harmless and can be ignored. If you are looking to surpress this error message you can setup your clients/member servers to use a lower level authentication encryption.

You can distribute the registry key using GPO to your workstations and member servers.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters
Name: DefaultEncryptionType
Type: REG_DWORD 
Value: 23

Open in new window



Personally I would not bother with this change if you are looking to upgrade your DC's in the near future, as you will want to undo this change to get the highest level of encryption.

You can also check out the link below which provides great detail on this error message and the reasoning for it.

Event ID 675

Will.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question