| Event Id | 27 |
| Source | Microsoft-Windows-Kerberos-Key-Distribution-Center |
| Description | While processing a TGS request for the target server %1, the account %2 did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of %3). The requested etypes were %4. The accounts available etypes were %5. |
| Event Information | According to Microsoft : Cause This event is logged when processing a TGS request for the target server, the account did not have a suitable key for generating a Kerberos ticket. Resolution Configure an available encryption type Kerberos supports several encryption types that are used to encrypt the tickets. If you are using a non-Microsoft Kerberos client to request a ticket from a Windows-based Kerberos server, the Kerberos client must support the same encryption type. Use the event log message to determine the available encryption type and configure the Kerberos client accordingly. Verify To verify that the Kerberos client is configured with an available encryption type, you should ensure that a Kerberos ticket was received from the Key Distribution Center (KDC) and cached on the local computer. You can view cached Kerberos tickets on the local computer by using the Klist command-line tool. Note: Klist.exe is not included with Windows Vista, Windows Server 2003, Windows XP, or Windows 2000. You must download and install the Windows Server Resource Kit before you can use Klist.exe. To view cached Kerberos tickets by using Klist: 1.Log on to a Kerberos client computer within your domain. 2.Click Start, point to All Programs, click Accessories, and then click Command Prompt. 3.Type klist tickets, and then press ENTER. 4.Verify that a cached Kerberos ticket is available. Ensure that the Client field displays the client on which you are running Klist. Ensure that the Server field displays the domain in which you are connecting. 5.Close the command prompt. |
| Reference Links | Event ID 27 from Microsoft-Windows-Kerberos-Key-Distribution-Center |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.