This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 10%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETD%3C/text%3E%3C/svg%3E)
hi
I changed the domain controller administrator password,
4771 kerberos pre-authentication failed warning dc appears continuously from the exchange server ip, which is a member.
There is no scheduled task on the exchange server, no credentials
Exchange Server 2019
xxxx\administrator
krbtgt/xxxx.local
192. 168.100.200 (exchange ip)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 94%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELM%3C/text%3E%3C/svg%3E)
Hi @Tanju Demir ,
Welcome to our forum.
This error can be caused when the user's password has expired or is incorrect.
Here are some of my troubleshooting:
1.Make sure that your other backup software updates your password. In this thread, the problem is caused by not updating the password in the backup software after changing the password.
2.Domain administrator credentials are not updated on DHCP.
Please open Start -> Type "DHCP" and hit enter -> expand the tree to show IPv4 -> right click and go to Properties -> switch to the Advanced tab -> click the Credentials button -> update domain admin credentials.
The following threads are expected to be helpful to you:
1652152-domain-administrator-lock-outs-after-password-change
578579-audit-failure-event-id-4771-for-domain-admin
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi Tanjur,
This event is not generated if “Do not require Kerberos preauthentication” option is set for the account. 4771 is basically a Kerberos pre-authentication failed. As you know the source you can implement additional Security monitoring event-4771
So I suggest you investigate why that account is sending pre-auth errors and By default the KDC requires all accounts to use pre-authentication. This is a security feature which offers protection against password-guessing attacks.
Hope this helps.
==
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
4771 I know it has to do with kerberos authentication, after changing the password in dc, this event error comes from my exchange server.
It happens because of heart mailboxes or because the password is outdated somewhere else between exchange-dc
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 33%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETD%3C/text%3E%3C/svg%3E)
the source of the problem is acronis exchange agent service, domain is configured with admin while backing up exchange database