This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 48%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKP%3C/text%3E%3C/svg%3E)
Repeated event generation of Kerberos pre-authentication failed with event ID 4771 and failure code 0x18 and the event is generating from multiple instances targeting event source to domain controller.
The issue occurred after change the domain administrator password and unable to dig insides to find the root cause of generation. As since we already update the scheduler service in all member servers.
" Kerberos pre-authentication failed. Account Information: Security ID: S-1-5-21-16834707280-224241925-162353504729-500 Account Name: Administrator Service Information: Service Name: krbtgt/veeamsw.com Network Information: Client Address: ::ffff:172.16.36.3 Client Port: 65280 Additional Information: Ticket Options: 0x40810010 Failure Code: 0x18 Pre-Authentication Type: 2 Certificate Information: Certificate Issuer Name: Certificate Serial Number: Certificate Thumbprint: Certificate information is only provided if a certificate was used for pre-authentication. Pre-authentication types, ticket options and failure codes are defined in RFC 4120. If the ticket was malformed or damaged during transit and could not be decrypted, then many fields in this event might not be present."