Hello
Thank you for your question and reaching out.
I can understand you are facing issue with event ID 4769.
This event is generated every time access is requested to a resource such as a computer or a Windows service. The service name indicates the resource to which access was requested.
This event can be correlated with Windows logon events by comparing the Logon GUID fields in each event. The logon event occurs on the machine that was accessed, which is often a different machine than the domain controller which issued the service ticket.
You will typically see many Failure events with Failure Code “0x20”, which simply means that a TGS ticket has expired. These are informational messages and have little to no security relevance.
https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/event-4769
------------------------------------------------------------------------------------------------------------------------------------
--If the reply is helpful, please Upvote and Accept as answer--