| Event Id | 7 |
| Source | Kerberos |
| Description | The kerberos subsystem encountered a PAC verification failure. This indicates that the PAC from the client |
| Event Information | According To Microsoft: Explanation: Verify that the secure channel is up by running nltest.exe from the command prompt on the domain controller. If the secure channel is down, restore the domain containing the service account. Nltest.exe is available on the Microsoft Windows Server Resource Kit CD. User Action: Kerberos cannot authenticate the Web program user because the server cannot verify the privilege attribute certificate (PAC) of the client. This occurs when the domain containing the service account is down and the secure channel between the computer that the service is running on and the domain containing the service account is down. This message from newsgroup may help you: -------------------------------------------------------------------------------- Various reasons may lead to this problem as listed below. 1) If KDC service in any of the domain controllers disabled. 2) In case of windows 2000/2003 servers with ActiveDirectory service, if the DNS server running on any other system and Domain Controller booted before DNS server coming up, this event may logged in. Domain controller does not work and resolve name without DNS. 3) If you enable "Secure Domain Logon" on a VPN client, this error may occurred. --------------------------------------------------------------------------------. |
| Reference Links | Microsoft product: Windows Operating System Version: 5.2 Event Source: Kerberos Event ID: 7 |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.