| Event Id | 12 |
| Source | Microsoft-Windows-Security-Kerberos |
| Description | While using your smartcard over a VPN connection, the Kerberos subsystem encountered an error. Typically, this indicates the card has been pulled from the reader during the VPN session. Troubleshooting Kerberos Errors |
| Event Information | According to Microsoft : Cause This event is logged when using your smartcard over a VPN connection, the Kerberos subsystem encountered an error. Resolution Restart the VPN session Kerberos uses a smart card to provide mutual authentication when connecting to a virtual private network (VPN). During a VPN session, the smart card must be accessible if Kerberos needs to use it for authentication. To fix this issue, you can restart the VPN session with your smart card inserted into the smart card reader. To restart the VPN session: 1.Click Start, and then click Connect To. 2.If the VPN session is currently active, right-click the connection, and then click Disconnect. 3.Ensure that the smart card is inserted into the smart card reader. 4.Right-click the VPN connection, and then click Connect. Verify To verify that the Kerberos client is correctly configured, you should ensure that a Kerberos ticket was received from the Key Distribution Center (KDC) and cached on the local computer. You can view cached Kerberos tickets on the local computer by using the Klist command-line tool. Note: Klist.exe is not included with Windows Vista, Windows Server 2003, Windows XP, or Windows 2000. You must download and install the Windows Server Resource Kit before you can use Klist.exe. To view cached Kerberos tickets by using Klist: 1.Log on to the Kerberos client computer. 2.Click Start, point to All Programs, click Accessories, and then click Command Prompt. 3.Type klist tickets, and then press ENTER. 4.Verify that a cached Kerberos ticket is available. Ensure that the Client field displays the client on which you are running Klist. Ensure that the Server field displays the domain in which you are connecting. 5.Close the command prompt. |
| Reference Links | Event ID 12 from Microsoft-Windows-Security-Kerberos |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.