Already a member? Log in

Sign up with your...

or

Sign Up with your email address

Add Tags

Duplicate Tags

Rename Tags

Share It With Others!

Save Link

Sign in

Sign Up with your email address

Sign up

By clicking the button, you agree to the Terms & Conditions.

Forgot Password?

Please enter your username below and press the send button.
A password reset link will be sent to you.

If you are unable to access the email address originally associated with your Delicious account, we recommend creating a new account.

ADVERTISEMENT
ADVERTISEMENT

URL: http://support.microsoft.com/kb/262177

How to enable Kerberos event logging

Microsoft Windows 2000, Windows Server 2003, and Windows Server 2008 offer the capability of tracing detailed Kerberos events through the event log mechanism. You can use this information when you troubleshoot Kerberos. This article describes how to...

Share It With Others!

Comments

enabling kerberos logging on 2008R2

Turning on Kerberos event logging is intended only for troubleshooting purpose when you expect additional information for the Kerberos client-side at a defined action timeframe.

From a general point of view, you may receive additional errors that can correctly be handled by the receiving client system without the user interference. Therefore, it does not reflect a severe problem that must be solved or even can be solved.

For example, an event log 3 about a Kerberos error that has the error code 0x7 KDC_ERR_S_PRINCIPAL_UNKNOWN for Server Name cifs/<IP address> will be logged when a share access is made against a server IP address and no server name. If this error is logged, the Windows client automatically tries to fail back to NTLM authentication for the user account. If this operation works, receive no error.

Microsoft Windows 2000, Windows Server 2003, and Windows Server 2008 offer the capability of tracing detailed Kerberos events through the event log mechanism. You can use this information when you troubleshoot Kerberos. This article describes how to enable Kerberos event logging.

Add the following registry value:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters

Registry Value: LogLevel
Value Type: REG_DWORD
Value Data: 0x1

ADVERTISEMENT
ADVERTISEMENT