Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Pre-Authentication failures on DC

Posted on 2014-02-05
1
Medium Priority
?
474 Views
1 Endorsement
Last Modified: 2014-02-06
I have seen these in the event viewer on my DCs for a while and have never been able to figure out the cause. It has never caused any issues that I am aware of but I would like to see if i can figure out what exactly is going on to cause these messages. And hopefully resolve them.

Our domain is still 2003 forest and function level but we have performed the prep for 2008 r2.

Event ID 675
Source Security

Pre-authentication failed:
       User Name:      usrname
       User ID:            domainname\usrname
       Service Name:      krbtgt/domainname
       Pre-Authentication Type:      0x0
       Failure Code:      0x19
       Client Address:      192.168.100.149

These will show up with different users from within our organization but as I said never seen to cause any issues such as lockouts etc.
1
Comment
Question by:Joseph Daly
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 2000 total points
ID: 39837651
You are getting this warning due to a AES 128 encryption which is being sent using either Windows Vista/7 or server 2008 member servers. This is a new encryption format that there clients and servers user. 2003 DC's do not support this type of encryption which throws an error in the event log. This event is harmless and can be ignored. If you are looking to surpress this error message you can setup your clients/member servers to use a lower level authentication encryption.

You can distribute the registry key using GPO to your workstations and member servers.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters
Name: DefaultEncryptionType
Type: REG_DWORD 
Value: 23

Open in new window



Personally I would not bother with this change if you are looking to upgrade your DC's in the near future, as you will want to undo this change to get the highest level of encryption.

You can also check out the link below which provides great detail on this error message and the reasoning for it.

Event ID 675

Will.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question