[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 861
  • Last Modified:

KDC Event 14 on Windows 2008 R2 Server

We are seeing numerous events on 2008R2 DCs similar to the following

While processing an AS request for target service krbtgt, the account xxxxxx did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of 2). The requested etypes : 18. The accounts available etypes : 23  -133  -128. Changing or resetting the password of xxxxxx will generate a proper key.

The clients are Windows 7, there are only 2008R2 DCs in the domain.  The DFL/FFL is 2008R2.

I can understand the client requesting etype 18 (AES default for Windows 7) but I don't undertsand why the account only has available etype of 23 (RC4) or the negative ones, whatever they are.

Also, what does the missing key ID of 2 bit mean?

I'm pretty sure that these events are harmless enough as we're not getting a slew of calls for people not being able to log on, I'm just curious why an account in a 2008R2 domain on a Win7 client doesn't have etype 18 available.

Any help much appreciated,
Stan
0
Stanner-UK
Asked:
Stanner-UK
1 Solution
 
Dan McFaddenSystems EngineerCommented:
You need to reset the password of the account referenced in the message.  The solution is in the error message, also a TechNet reference to the event id:

http://technet.microsoft.com/en-us/library/cc733991(v=ws.10).aspx

Dan
0
 
BahloulCommented:
Hi,

to fulfill this you must delete the stored password on the client machine then reset their password the root cause here because many users saved there password in some integrated applications .
0

Featured Post

Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now