AD DS errors after new 2022 DC promotion in 2012 domain

Tim Gibney 1 Reputation point
2022-02-02T17:05:57.393+00:00

Migrating to 2022 domain controllers. Two 2012 DCs existing, DC0 and DC1. Added one 2022 DC, DC2, transferred FSMO and included GC. Domain functional level is Windows Server 2012 and cannot be raised because of inappropriate versions of Windows. Errors are causing GPO failures. Here are dcdiag /v listings for each domain controller, DC2, DC1, and DC0, all run from a domain admin PowerShell on DC2.

PS C:\Windows\system32> dcdiag /v

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   * Verifying that the local machine DC2, is a Directory Server.
   Home Server = DC2
   * Connecting to directory service on server DC2.
   * Identified AD Forest.
   Collecting AD specific global data
   * Collecting site info.
   Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=company,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
   The previous call succeeded
   Iterating through the sites
   Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
   Getting ISTG and options for the site
   * Identifying all servers.
   Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=company,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
   The previous call succeeded....
   The previous call succeeded
   Iterating through the list of servers
   Getting information for the server CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
   objectGuid obtained
   InvocationID obtained
   dnsHostname obtained
   site info obtained
   All the info for the server collected
   Getting information for the server CN=NTDS Settings,CN=DC0,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
   objectGuid obtained
   InvocationID obtained
   dnsHostname obtained
   site info obtained
   All the info for the server collected
   Getting information for the server CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
   objectGuid obtained
   InvocationID obtained
   dnsHostname obtained
   site info obtained
   All the info for the server collected
   * Identifying all NC cross-refs.
   * Found 3 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DC2
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         Determining IP4 connectivity
         * Active Directory RPC Services Check
         ......................... DC2 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DC2
      Starting test: Advertising
         The DC DC2 is advertising itself as a DC and having a DS.
         The DC DC2 is advertising as an LDAP server
         The DC DC2 is advertising as having a writeable directory
         The DC DC2 is advertising as a Key Distribution Center
         The DC DC2 is advertising as a time server
         The DS DC2 is advertising as a GC.
         ......................... DC2 passed test Advertising
      Test omitted by user request: CheckSecurityError
      Test omitted by user request: CutoffServers
      Starting test: FrsEvent
         * The File Replication Service Event log test
         Skip the test because the server is running DFSR.
         ......................... DC2 passed test FrsEvent
      Starting test: DFSREvent
         The DFS Replication Event Log.
         There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL
         replication problems may cause Group Policy problems.
         A warning event occurred.  EventID: 0x80001396
            Time Generated: 02/01/2022   16:08:16
            Event String:
            The DFS Replication service is stopping communication with partner DC1 for replication group Domain System Volume due to an error. The service will retry the connection periodically.

            Additional Information:
            Error: 9033 (The request was cancelled by a shutdown)
            Connection ID: 3D091FC6-B96D-4C56-AD2C-3635C6842066
            Replication Group ID: 379052DE-A489-4267-87C2-847E328CDB38
         A warning event occurred.  EventID: 0x80001396
            Time Generated: 02/01/2022   16:14:31
            Event String:
            The DFS Replication service is stopping communication with partner DC0 for replication group Domain System Volume due to an error. The service will retry the connection periodically.

            Additional Information:
            Error: 9036 (Paused for backup or restore)
            Connection ID: 29FD6D3F-8786-4BE2-99BD-706CCD3D5966
            Replication Group ID: 379052DE-A489-4267-87C2-847E328CDB38
         ......................... DC2 passed test DFSREvent
      Starting test: SysVolCheck
         * The File Replication Service SYSVOL ready test
         File Replication Service's SYSVOL is ready
         ......................... DC2 passed test SysVolCheck
      Starting test: KccEvent
         * The KCC Event log test
         Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
         ......................... DC2 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
         Role Domain Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
         Role PDC Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
         Role Rid Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
         Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
         ......................... DC2 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         Checking machine account for DC DC2 on DC DC2.
         * SPN found :LDAP/DC2.company.local/company.local
         * SPN found :LDAP/DC2.company.local
         * SPN found :LDAP/DC2
         * SPN found :LDAP/DC2.company.local/company
         * SPN found :LDAP/e4108a20-33b9-4078-90df-ddfcbb424bc3._msdcs.company.local
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/e4108a20-33b9-4078-90df-ddfcbb424bc3/company.local
         * SPN found :HOST/DC2.company.local/company.local
         * SPN found :HOST/DC2.company.local
         * SPN found :HOST/DC2
         * SPN found :HOST/DC2.company.local/company
         * SPN found :GC/DC2.company.local/company.local
         ......................... DC2 passed test MachineAccount
      Starting test: NCSecDesc
         * Security Permissions check for all NC's on DC DC2.
         * Security Permissions Check for
           DC=ForestDnsZones,DC=company,DC=local
            (NDNC,Version 3)
         * Security Permissions Check for
           DC=DomainDnsZones,DC=company,DC=local
            (NDNC,Version 3)
         * Security Permissions Check for
           CN=Schema,CN=Configuration,DC=company,DC=local
            (Schema,Version 3)
         * Security Permissions Check for
           CN=Configuration,DC=company,DC=local
            (Configuration,Version 3)
         * Security Permissions Check for
           DC=company,DC=local
            (Domain,Version 3)
         ......................... DC2 passed test NCSecDesc
      Starting test: NetLogons
         * Network Logons Privileges Check
         Verified share \\DC2\netlogon
         Verified share \\DC2\sysvol
         ......................... DC2 passed test NetLogons
      Starting test: ObjectsReplicated
         DC2 is in domain DC=company,DC=local
         Checking for CN=DC2,OU=Domain Controllers,DC=company,DC=local in domain DC=company,DC=local on 1 servers
            Object is up-to-date on all servers.
         Checking for CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local in domain CN=Configuration,DC=company,DC=local on 1 servers
            Object is up-to-date on all servers.
         ......................... DC2 passed test ObjectsReplicated
      Test omitted by user request: OutboundSecureChannels
      Starting test: Replications
         * Replications Check
         * Replication Latency Check
            DC=ForestDnsZones,DC=company,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
            DC=DomainDnsZones,DC=company,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
            CN=Schema,CN=Configuration,DC=company,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
            CN=Configuration,DC=company,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
            DC=company,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
         ......................... DC2 passed test Replications
      Starting test: RidManager
         * Available RID Pool for the Domain is 3101 to 1073741823
         * DC2.company.local is the RID Master
         * DsBind with RID Master was successful
         * rIDAllocationPool is 2601 to 3100
         * rIDPreviousAllocationPool is 2601 to 3100
         * rIDNextRID: 2604
         ......................... DC2 passed test RidManager
      Starting test: Services
         * Checking Service: EventSystem
         * Checking Service: RpcSs
         * Checking Service: NTDS
         * Checking Service: DnsCache
         * Checking Service: DFSR
         * Checking Service: IsmServ
         * Checking Service: kdc
         * Checking Service: SamSs
         * Checking Service: LanmanServer
         * Checking Service: LanmanWorkstation
         * Checking Service: w32time
         * Checking Service: NETLOGON
         ......................... DC2 passed test Services
      Starting test: SystemLog
         * The System Event log test
         A warning event occurred.  EventID: 0x000003FC
            Time Generated: 02/02/2022   08:12:27
            Event String: Scope, 192.168.1.0, is 85 percent full with only 34 IP addresses remaining.
         A warning event occurred.  EventID: 0x00000560
            Time Generated: 02/02/2022   08:12:27
            Event String: IP address range of scope 192.168.1.0 is 85 percent full with only 34 IP addresses available.
         Found no errors in "System" Event log in the last 60 minutes.
         ......................... DC2 passed test SystemLog
      Test omitted by user request: Topology
      Test omitted by user request: VerifyEnterpriseReferences
      Starting test: VerifyReferences
         The system object reference (serverReference) CN=DC2,OU=Domain Controllers,DC=company,DC=local and backlink on
         CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local are correct.
         The system object reference (serverReferenceBL)
         CN=DC2,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=company,DC=local and backlink
         on CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
         are correct.
         The system object reference (msDFSR-ComputerReferenceBL)
         CN=DC2,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=company,DC=local and backlink
         on CN=DC2,OU=Domain Controllers,DC=company,DC=local are correct.
         ......................... DC2 passed test VerifyReferences
      Test omitted by user request: VerifyReplicas

      Test omitted by user request: DNS
      Test omitted by user request: DNS

   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : company
      Starting test: CheckSDRefDom
         ......................... company passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... company passed test CrossRefValidation

   Running enterprise tests on : company.local
      Test omitted by user request: DNS
      Test omitted by user request: DNS
      Starting test: LocatorCheck
         GC Name: \\DC2.company.local
         Locator Flags: 0xe003f1fd
         PDC Name: \\DC2.company.local
         Locator Flags: 0xe003f1fd
         Time Server Name: \\DC2.company.local
         Locator Flags: 0xe003f1fd
         Preferred Time Server Name: \\DC1.company.local
         Locator Flags: 0xe00073fc
         KDC Name: \\DC2.company.local
         Locator Flags: 0xe003f1fd
         ......................... company.local passed test LocatorCheck
      Starting test: Intersite
         Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments
         provided.
         ......................... company.local passed test Intersite
PS C:\Windows\system32> dcdiag /v /s:DC1

Directory Server Diagnosis

Performing initial setup:
   * Connecting to directory service on server DC1.
   * Identified AD Forest.
   Collecting AD specific global data
   * Collecting site info.
   Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=company,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
   The previous call succeeded
   Iterating through the sites
   Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
   Getting ISTG and options for the site
   * Identifying all servers.
   Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=company,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
   The previous call succeeded....
   The previous call succeeded
   Iterating through the list of servers
   Getting information for the server CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
   objectGuid obtained
   InvocationID obtained
   dnsHostname obtained
   site info obtained
   All the info for the server collected
   Getting information for the server CN=NTDS Settings,CN=DC0,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
   objectGuid obtained
   InvocationID obtained
   dnsHostname obtained
   site info obtained
   All the info for the server collected
   Getting information for the server CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
   objectGuid obtained
   InvocationID obtained
   dnsHostname obtained
   site info obtained
   All the info for the server collected
   * Identifying all NC cross-refs.
   * Found 3 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DC1
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         Determining IP4 connectivity
         * Active Directory RPC Services Check
         ......................... DC1 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DC1
      Starting test: Advertising
         The DC DC1 is advertising itself as a DC and having a DS.
         The DC DC1 is advertising as an LDAP server
         The DC DC1 is advertising as having a writeable directory
         The DC DC1 is advertising as a Key Distribution Center
         The DC DC1 is advertising as a time server
         The DS DC1 is advertising as a GC.
         ......................... DC1 passed test Advertising
      Test omitted by user request: CheckSecurityError
      Test omitted by user request: CutoffServers
      Starting test: FrsEvent
         * The File Replication Service Event log test
         Skip the test because the server is running DFSR.
         ......................... DC1 passed test FrsEvent
      Starting test: DFSREvent
         The DFS Replication Event Log.
         There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL replication problems may cause Group Policy problems.
         A warning event occurred.  EventID: 0x800008A5
            Time Generated: 02/01/2022   16:08:31
            Event String:
            The DFS Replication service stopped replication on volume C:. This occurs when a DFSR JET database is not shut down cleanly and Auto Recovery is disabled. To resolve this issue, back up the files in the affected replicated folders, and then use the ResumeReplication WMI method to resume replication.

            Additional Information:
            Volume: C:
            GUID: 3546FBC5-C955-11E5-93E7-806E6F6E6963

            Recovery Steps
            1. Back up the files in all replicated folders on the volume. Failure to do so may result in data loss due to unexpected conflict resolution during the recovery of the replicated folders.
            2. To resume the replication for this volume, use the WMI method ResumeReplication of the DfsrVolumeConfig class. For example, from an elevated command prompt, type the following command:
            wmic /namespace:\\root\microsoftdfs path dfsrVolumeConfig where volumeGuid="3546FBC5-C955-11E5-93E7-806E6F6E6963" call ResumeReplication

            For more information, see http://support.microsoft.com/kb/2663685.
         ......................... DC1 passed test DFSREvent
      Starting test: SysVolCheck
         * The File Replication Service SYSVOL ready test
         File Replication Service's SYSVOL is ready
         ......................... DC1 passed test SysVolCheck
      Starting test: KccEvent
         * The KCC Event log test
         Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
         ......................... DC1 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
         Role Domain Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
         Role PDC Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
         Role Rid Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
         Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
         ......................... DC1 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         Checking machine account for DC DC1 on DC DC1.
         * SPN found :LDAP/DC1.company.local/company.local
         * SPN found :LDAP/DC1.company.local
         * SPN found :LDAP/DC1
         * SPN found :LDAP/DC1.company.local/company
         * SPN found :LDAP/3eb456f6-a2a8-4e85-8519-4f93c6dfff82._msdcs.company.local
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/3eb456f6-a2a8-4e85-8519-4f93c6dfff82/company.local
         * SPN found :HOST/DC1.company.local/company.local
         * SPN found :HOST/DC1.company.local
         * SPN found :HOST/DC1
         * SPN found :HOST/DC1.company.local/company
         * SPN found :GC/DC1.company.local/company.local
         ......................... DC1 passed test MachineAccount
      Starting test: NCSecDesc
         * Security Permissions check for all NC's on DC DC1.
         * Security Permissions Check for
           DC=ForestDnsZones,DC=company,DC=local
            (NDNC,Version 3)
         * Security Permissions Check for
           DC=DomainDnsZones,DC=company,DC=local
            (NDNC,Version 3)
         * Security Permissions Check for
           CN=Schema,CN=Configuration,DC=company,DC=local
            (Schema,Version 3)
         * Security Permissions Check for
           CN=Configuration,DC=company,DC=local
            (Configuration,Version 3)
         * Security Permissions Check for
           DC=company,DC=local
            (Domain,Version 3)
         ......................... DC1 passed test NCSecDesc
      Starting test: NetLogons
         * Network Logons Privileges Check
         Verified share \\DC1\netlogon
         Verified share \\DC1\sysvol
         ......................... DC1 passed test NetLogons
      Starting test: ObjectsReplicated
         DC1 is in domain DC=company,DC=local
         Checking for CN=DC1,OU=Domain Controllers,DC=company,DC=local in domain DC=company,DC=local on 1 servers
            Object is up-to-date on all servers.
         Checking for CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local in domain CN=Configuration,DC=company,DC=local on 1 servers
            Object is up-to-date on all servers.
         ......................... DC1 passed test ObjectsReplicated
      Test omitted by user request: OutboundSecureChannels
      Starting test: Replications
         * Replications Check
         * Replication Latency Check
            DC=ForestDnsZones,DC=company,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
            DC=DomainDnsZones,DC=company,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
            CN=Schema,CN=Configuration,DC=company,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
            CN=Configuration,DC=company,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
            DC=company,DC=local
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
         ......................... DC1 passed test Replications
      Starting test: RidManager
         * Available RID Pool for the Domain is 3101 to 1073741823
         * DC2.company.local is the RID Master
         * DsBind with RID Master was successful
         * rIDAllocationPool is 2101 to 2600
         * rIDPreviousAllocationPool is 2101 to 2600
         * rIDNextRID: 2344
         ......................... DC1 passed test RidManager
      Starting test: Services
         * Checking Service: EventSystem
         * Checking Service: RpcSs
         * Checking Service: NTDS
         * Checking Service: DnsCache
         * Checking Service: DFSR
         * Checking Service: IsmServ
         * Checking Service: kdc
         * Checking Service: SamSs
         * Checking Service: LanmanServer
         * Checking Service: LanmanWorkstation
         * Checking Service: w32time
         * Checking Service: NETLOGON
         ......................... DC1 passed test Services
      Starting test: SystemLog
         * The System Event log test
         A warning event occurred.  EventID: 0x000003FC
            Time Generated: 02/02/2022   07:44:13
            Event String: Scope, 192.168.1.0, is 84 percent full with only 35 IP addresses remaining.
         A warning event occurred.  EventID: 0x00000560
            Time Generated: 02/02/2022   07:44:13
            Event String: IP address range of scope 192.168.1.0 is 84 percent full with only 35 IP addresses available.
         Found no errors in "System" Event log in the last 60 minutes.
         ......................... DC1 passed test SystemLog
      Test omitted by user request: Topology
      Test omitted by user request: VerifyEnterpriseReferences
      Starting test: VerifyReferences
         The system object reference (serverReference) CN=DC1,OU=Domain Controllers,DC=company,DC=local and backlink on
         CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local are correct.
         The system object reference (serverReferenceBL) CN=DC1,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=company,DC=local and backlink on
         CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local are correct.
         The system object reference (msDFSR-ComputerReferenceBL) CN=DC1,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=company,DC=local and
         backlink on CN=DC1,OU=Domain Controllers,DC=company,DC=local are correct.
         ......................... DC1 passed test VerifyReferences
      Test omitted by user request: VerifyReplicas

      Test omitted by user request: DNS
      Test omitted by user request: DNS

   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : company
      Starting test: CheckSDRefDom
         ......................... company passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... company passed test CrossRefValidation

   Running enterprise tests on : company.local
      Test omitted by user request: DNS
      Test omitted by user request: DNS
      Starting test: LocatorCheck
         GC Name: \\DC1.company.local
         Locator Flags: 0xe00073fc
         PDC Name: \\DC2.company.local
         Locator Flags: 0xe003f1fd
         Time Server Name: \\DC1.company.local
         Locator Flags: 0xe00073fc
         Preferred Time Server Name: \\DC1.company.local
         Locator Flags: 0xe00073fc
         KDC Name: \\DC1.company.local
         Locator Flags: 0xe00073fc
         ......................... company.local passed test LocatorCheck
      Starting test: Intersite
         Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments provided.
         ......................... company.local passed test Intersite
PS C:\Windows\system32> dcdiag /v /s:DC0

Directory Server Diagnosis

Performing initial setup:
   * Connecting to directory service on server DC0.
   * Identified AD Forest.
   Collecting AD specific global data
   * Collecting site info.
   Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=company,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
   The previous call succeeded
   Iterating through the sites
   Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
   Getting ISTG and options for the site
   * Identifying all servers.
   Calling
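A read-only health check that ties together what the three listings above surface (DFSR warning events, the per-volume DFSR state that Event 2213's recovery text refers to, and the SYSVOL member objects under CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings shown in the VerifyReferences test). This is an added example, not code from the question or from either answer. It assumes an elevated PowerShell on a DC with the RSAT ActiveDirectory module; the domain DN is discovered at runtime rather than hard-coded to company.local. The FRS container DN and the DfsrVolumeInfo State code mapping are the editor's reading of the DFSR documentation and are marked as assumptions in the code; confirm them on your build. The function only reports, it never deletes objects or calls ResumeReplication; the event text quoted in the DC1 listing already says that step belongs after a backup.

```powershell
# Added example, not from the question or the answers. Read-only SYSVOL replication
# health check, run from an elevated PowerShell on a DC with the RSAT ActiveDirectory
# module. Correlates DFSR warning events, DFSR volume state, and SYSVOL member objects.

function Test-SysvolReplicationHealth {
    [CmdletBinding()]
    param(
        # dcdiag's DFSREvent test looks back 24 hours; mirror that by default
        [int]$LookbackHours = 24
    )
    Import-Module ActiveDirectory -ErrorAction Stop

    $domainDN = (Get-ADDomain).DistinguishedName
    # DCs that currently exist in AD; any other name in the SYSVOL topology is a leftover
    $liveDCs  = Get-ADDomainController -Filter * | Select-Object -ExpandProperty Name

    # 1. DFSR events by decimal ID: 2213 (0x800008A5 in the listing) = database not shut
    #    down cleanly, 5014 (0x80001396) = communication with a partner stopped.
    $events = Get-WinEvent -FilterHashtable @{
                  LogName   = 'DFS Replication'
                  Id        = 2213, 5014
                  StartTime = (Get-Date).AddHours(-$LookbackHours)
              } -ErrorAction SilentlyContinue |
              Select-Object TimeCreated, Id,
                  @{ n = 'Summary'; e = { ($_.Message -split "`r?`n")[0] } }

    # 2. Volume state from the same WMI namespace the Event 2213 text points at.
    #    State codes are an assumption from the DfsrVolumeInfo docs; confirm on your build:
    #    0 Initialized, 1 Shutting down, 2 In error, 3 Auto recovery
    $volState = @{ 0 = 'Initialized'; 1 = 'ShuttingDown'; 2 = 'InError'; 3 = 'AutoRecovery' }
    $volumes  = Get-CimInstance -Namespace 'root\MicrosoftDFS' -ClassName DfsrVolumeInfo `
                    -ErrorAction SilentlyContinue |
                ForEach-Object {
                    $resumeCmd = $null
                    if ([int]$_.State -eq 2) {
                        # Recovery command as quoted in Event 2213; run it only after a backup
                        $resumeCmd = "wmic /namespace:\\root\microsoftdfs path dfsrVolumeConfig " +
                                     "where volumeGuid=`"$($_.VolumeGuid)`" call ResumeReplication"
                    }
                    [pscustomobject]@{
                        VolumePath = $_.VolumePath
                        VolumeGuid = $_.VolumeGuid
                        State      = $volState[[int]$_.State]
                        ResumeCmd  = $resumeCmd
                    }
                }

    # 3. SYSVOL member objects. The DFSR container is the one the VerifyReferences test
    #    prints; the FRS container DN is an assumption and only exists if FRS was ever used.
    $bases = @(
        "CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,$domainDN"
        "CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,$domainDN"
    )
    $members = foreach ($base in $bases) {
        try {
            Get-ADObject -SearchBase $base -SearchScope OneLevel `
                -LDAPFilter '(|(objectClass=msDFSR-Member)(objectClass=nTFRSMember))' |
            ForEach-Object {
                [pscustomobject]@{
                    Member = $_.Name
                    Class  = $_.ObjectClass
                    # true for a demoted DC whose member object was left behind
                    Stale  = ($liveDCs -notcontains $_.Name)
                    DN     = $_.DistinguishedName
                }
            }
        } catch { }   # a missing container (FRS never used) is not a finding
    }

    [pscustomobject]@{
        DfsrWarnings = $events
        Volumes      = $volumes
        Members      = $members
        StaleMembers = @($members | Where-Object Stale)
    }
}

# Usage: list recent DFSR warnings, volumes needing the documented recovery step,
# and member objects that no longer correspond to a live DC
$report = Test-SysvolReplicationHealth
$report.DfsrWarnings | Format-Table -AutoSize
$report.Volumes      | Format-Table -AutoSize
$report.StaleMembers | Format-Table Member, Class, DN -AutoSize
```

A stale entry in StaleMembers is the kind of leftover that blocks a demoted DC from rejoining; removing it is a deliberate manual step (ADSI Edit or Remove-ADObject on the exact DN after confirming it), which is why the function reports DNs instead of deleting them.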

2 answers

  1. Tim Gibney 1 Reputation point
    2022-02-04T16:30:15.297+00:00

    The demotion was mostly successful. Certificate Services had to be removed first but only after a backup and other than local machine automatic certs, certs and CA had not been fully rolled out luckily. CA with a root CA and secondary CA will be rolled out after these DC issues are fixed.

    DC1 was demoted and put into the workgroup. At first it could not rejoin the domain because the demotion did not remove the object from ADUC and ADSS. The list at the bottom of [this page][1] was followed and will be completed today. How does one do the following:

    3. Verify that FRS member objects (FRS and DFS) are removed, and remove them if they are present.
    5. Remove any DFS references to the demoted server, such as links or root replicas.

    DC2, the new Server 2022 DC owned all FSMO roles and was itself a GC as well as DHCP and DNS (primary).

    DC1 was/is a DHCP and DNS server. So once the left-over objects of DC1 were removed from ADUC and ADSS (which also seemed to clean up all the DNS entries) it was allowed to rejoin the domain. DHCP was successfully replicated from DC2 to DC1 and nslookup was used to verify DNS.

    There are still DC issues, as can be seen from this listing of dcdiag /c /v /e:

    Starting at line 108 thru 234 DC0 is still looking at DC1 (for replication?) and DC0 fails DFSREvent.

    Starting at line 754 thru 851 DC2 is still looking at DC1 (for replication?) and DC2 fails DFSREvent.

    Starting at line 1065 thru 1421 DNS delegation is broken.

    PS C:\Windows\system32> dcdiag /v /c /e
    
    Directory Server Diagnosis
    
    Performing initial setup:
       Trying to find home server...
       * Verifying that the local machine DC2, is a Directory Server.
       Home Server = DC2
       * Connecting to directory service on server DC2.
       * Identified AD Forest.
       Collecting AD specific global data
       * Collecting site info.
       Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=company,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
       The previous call succeeded
       Iterating through the sites
       Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
       Getting ISTG and options for the site
       * Identifying all servers.
       Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=company,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
       The previous call succeeded....
       The previous call succeeded
       Iterating through the list of servers
       Getting information for the server CN=NTDS Settings,CN=DC0,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
       objectGuid obtained
       InvocationID obtained
       dnsHostname obtained
       site info obtained
       All the info for the server collected
       Getting information for the server CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
       objectGuid obtained
       InvocationID obtained
       dnsHostname obtained
       site info obtained
       All the info for the server collected
       * Identifying all NC cross-refs.
       * Found 2 DC(s). Testing 2 of them.
       Done gathering initial info.
    
    Doing initial required tests
    
       Testing server: Default-First-Site-Name\DC0
          Starting test: Connectivity
             * Active Directory LDAP Services Check
             Determining IP4 connectivity
             * Active Directory RPC Services Check
             ......................... DC0 passed test Connectivity
    
       Testing server: Default-First-Site-Name\DC2
          Starting test: Connectivity
             * Active Directory LDAP Services Check
             Determining IP4 connectivity
             * Active Directory RPC Services Check
             ......................... DC2 passed test Connectivity
    
    Doing primary tests
    
       Testing server: Default-First-Site-Name\DC0
          Starting test: Advertising
             The DC DC0 is advertising itself as a DC and having a DS.
             The DC DC0 is advertising as an LDAP server
             The DC DC0 is advertising as having a writeable directory
             The DC DC0 is advertising as a Key Distribution Center
             The DC DC0 is advertising as a time server
             The DS DC0 is advertising as a GC.
             ......................... DC0 passed test Advertising
          Starting test: CheckSecurityError
             * Dr Auth:  Beginning security errors check!
             Found KDC DC2 for domain company.local in site Default-First-Site-Name
             Checking machine account for DC DC0 on DC DC2.
             * SPN found :LDAP/DC0.company.local/company.local
             * SPN found :LDAP/DC0.company.local
             * SPN found :LDAP/DC0
             * SPN found :LDAP/DC0.company.local/company
             * SPN found :LDAP/26aba1bf-c251-47fa-acd9-31cea1bb7d23._msdcs.company.local
             * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/26aba1bf-c251-47fa-acd9-31cea1bb7d23/company.local
             * SPN found :HOST/DC0.company.local/company.local
             * SPN found :HOST/DC0.company.local
             * SPN found :HOST/DC0
             * SPN found :HOST/DC0.company.local/company
             * SPN found :GC/DC0.company.local/company.local
             Checking for CN=DC0,OU=Domain Controllers,DC=company,DC=local in domain DC=company,DC=local on 2 servers
                Object is up-to-date on all servers.
             [DC0] No security related replication errors were found on this DC!  To target the connection to a
             specific source DC use /ReplSource:<DC>.
             ......................... DC0 passed test CheckSecurityError
          Starting test: CutoffServers
             * Configuration Topology Aliveness Check
             * Analyzing the alive system replication topology for DC=ForestDnsZones,DC=company,DC=local.
             * Performing upstream (of target) analysis.
             * Performing downstream (of target) analysis.
             * Analyzing the alive system replication topology for DC=DomainDnsZones,DC=company,DC=local.
             * Performing upstream (of target) analysis.
             * Performing downstream (of target) analysis.
             * Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=company,DC=local.
             * Performing upstream (of target) analysis.
             * Performing downstream (of target) analysis.
             * Analyzing the alive system replication topology for CN=Configuration,DC=company,DC=local.
             * Performing upstream (of target) analysis.
             * Performing downstream (of target) analysis.
             * Analyzing the alive system replication topology for DC=company,DC=local.
             * Performing upstream (of target) analysis.
             * Performing downstream (of target) analysis.
             ......................... DC0 passed test CutoffServers
          Starting test: FrsEvent
             * The File Replication Service Event log test
             Skip the test because the server is running DFSR.
             ......................... DC0 passed test FrsEvent
          Starting test: DFSREvent
             The DFS Replication Event Log.
             There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL
             replication problems may cause Group Policy problems.
             A warning event occurred.  EventID: 0x80001396
                Time Generated: 02/03/2022   12:12:28
                Event String:
                The DFS Replication service is stopping communication with partner DC2 for replication group Domain System Volume due to an error. The service will retry the connection periodically.
    
                Additional Information:
                Error: 1723 (The RPC server is too busy to complete this operation.)
                Connection ID: FEB53088-DCB1-40E8-A920-CF13C4BBF0CF
                Replication Group ID: 379052DE-A489-4267-87C2-847E328CDB38
             A warning event occurred.  EventID: 0x80001396
                Time Generated: 02/03/2022   14:40:42
                Event String:
                The DFS Replication service is stopping communication with partner DC1 for replication group Domain System Volume due to an error. The service will retry the connection periodically.
    
                Additional Information:
                Error: 9033 (The request was cancelled by a shutdown)
                Connection ID: 9551F88D-AD9C-491F-9316-AE4CA8FC5790
                Replication Group ID: 379052DE-A489-4267-87C2-847E328CDB38
             An error event occurred.  EventID: 0xC000138A
                Time Generated: 02/03/2022   14:41:12
                Event String:
                The DFS Replication service encountered an error communicating with partner DC1 for replication group Domain System Volume.
    
                Partner DNS address: DC1.company.local
    
                Optional data if available:
                Partner WINS Address: DC1
                Partner IP Address: 192.168.1.80
    
                The service will retry the connection periodically.
    
                Additional Information:
                Error: 1726 (The remote procedure call failed.)
                Connection ID: 9551F88D-AD9C-491F-9316-AE4CA8FC5790
                Replication Group ID: 379052DE-A489-4267-87C2-847E328CDB38
             A warning event occurred.  EventID: 0x80001396
                Time Generated: 02/03/2022   14:54:18
                Event String:
                The DFS Replication service is stopping communication with partner DC1 for replication group Domain System Volume due to an error. The service will retry the connection periodically.
    
                Additional Information:
                Error: 9033 (The request was cancelled by a shutdown)
                Connection ID: 9551F88D-AD9C-491F-9316-AE4CA8FC5790
                Replication Group ID: 379052DE-A489-4267-87C2-847E328CDB38
             An error event occurred.  EventID: 0xC0001390
                Time Generated: 02/03/2022   14:54:54
                Event String:
                The DFS Replication service failed to communicate with partner DC1 for replication group Domain System Volume. This error can occur if the host is unreachable, or if the DFS Replication service is not running on the server. 
    
                Partner DNS Address: DC1.company.local
    
                Optional data if available:
                Partner WINS Address: DC1
                Partner IP Address: 192.168.1.80
    
                The service will retry the connection periodically.
    
                Additional Information:
                Error: 1722 (The RPC server is unavailable.)
                Connection ID: 9551F88D-AD9C-491F-9316-AE4CA8FC5790
                Replication Group ID: 379052DE-A489-4267-87C2-847E328CDB38
             A warning event occurred.  EventID: 0x80001396
                Time Generated: 02/03/2022   15:18:16
                Event String:
                The DFS Replication service is stopping communication with partner DC1 for replication group Domain System Volume due to an error. The service will retry the connection periodically.
    
                Additional Information:
                Error: 9033 (The request was cancelled by a shutdown)
                Connection ID: 9551F88D-AD9C-491F-9316-AE4CA8FC5790
                Replication Group ID: 379052DE-A489-4267-87C2-847E328CDB38
             An error event occurred.  EventID: 0xC000138A
                Time Generated: 02/03/2022   15:18:46
                Event String:
                The DFS Replication service encountered an error communicating with partner DC1 for replication group Domain System Volume.
    
                Partner DNS address: DC1.company.local
    
                Optional data if available:
                Partner WINS Address: DC1
                Partner IP Address: 192.168.1.80
    
                The service will retry the connection periodically.
    
                Additional Information:
                Error: 1726 (The remote procedure call failed.)
                Connection ID: 9551F88D-AD9C-491F-9316-AE4CA8FC5790
                Replication Group ID: 379052DE-A489-4267-87C2-847E328CDB38
             A warning event occurred.  EventID: 0x80001396
                Time Generated: 02/03/2022   15:27:18
                Event String:
                The DFS Replication service is stopping communication with partner DC1 for replication group Domain System Volume due to an error. The service will retry the connection periodically.
    
                Additional Information:
                Error: 9033 (The request was cancelled by a shutdown)
                Connection ID: 9551F88D-AD9C-491F-9316-AE4CA8FC5790
                Replication Group ID: 379052DE-A489-4267-87C2-847E328CDB38
             An error event occurred.  EventID: 0xC000138A
                Time Generated: 02/03/2022   15:27:32
                Event String:
                The DFS Replication service encountered an error communicating with partner DC1 for replication group Domain System Volume.
    
                Partner DNS address: DC1.company.local
    
                Optional data if available:
                Partner WINS Address: DC1
                Partner IP Address: 192.168.1.80
    
                The service will retry the connection periodically.
    
                Additional Information:
                Error: 1753 (There are no more endpoints available from the endpoint mapper.)
                Connection ID: 9551F88D-AD9C-491F-9316-AE4CA8FC5790
                Replication Group ID: 379052DE-A489-4267-87C2-847E328CDB38
             A warning event occurred.  EventID: 0x80001396
                Time Generated: 02/04/2022   00:09:56
                Event String:
                The DFS Replication service is stopping communication with partner DC2 for replication group Domain System Volume due to an error. The service will retry the connection periodically.
    
                Additional Information:
                Error: 9036 (Paused for backup or restore)
                Connection ID: FEB53088-DCB1-40E8-A920-CF13C4BBF0CF
                Replication Group ID: 379052DE-A489-4267-87C2-847E328CDB38
             ......................... DC0 failed test DFSREvent
          Starting test: SysVolCheck
             * The File Replication Service SYSVOL ready test
             File Replication Service's SYSVOL is ready
             ......................... DC0 passed test SysVolCheck
          Starting test: FrsSysVol
             * The File Replication Service SYSVOL ready test
             File Replication Service's SYSVOL is ready
             ......................... DC0 passed test FrsSysVol
          Starting test: KccEvent
             * The KCC Event log test
             Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
             ......................... DC0 passed test KccEvent
          Starting test: KnowsOfRoleHolders
             Role Schema Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
             Role Domain Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
             Role PDC Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
             Role Rid Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
             Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local
             ......................... DC0 passed test KnowsOfRoleHolders
          Starting test: MachineAccount
             Checking machine account for DC DC0 on DC DC0.
             * SPN found :LDAP/DC0.company.local/company.local
             * SPN found :LDAP/DC0.company.local
             * SPN found :LDAP/DC0
             * SPN found :LDAP/DC0.company.local/company
             * SPN found :LDAP/26aba1bf-c251-47fa-acd9-31cea1bb7d23._msdcs.company.local
             * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/26aba1bf-c251-47fa-acd9-31cea1bb7d23/company.local
             * SPN found :HOST/DC0.company.local/company.local
             * SPN found :HOST/DC0.company.local
             * SPN found :HOST/DC0
             * SPN found :HOST/DC0.company.local/company
             * SPN found :GC/DC0.company.local/company.local
             ......................... DC0 passed test MachineAccount
          Starting test: NCSecDesc
             * Security Permissions check for all NC's on DC DC0.
             * Security Permissions Check for
               DC=ForestDnsZones,DC=company,DC=local
                (NDNC,Version 3)
             * Security Permissions Check for
               DC=DomainDnsZones,DC=company,DC=local
                (NDNC,Version 3)
             * Security Permissions Check for
               CN=Schema,CN=Configuration,DC=company,DC=local
                (Schema,Version 3)
             * Security Permissions Check for
               CN=Configuration,DC=company,DC=local
                (Configuration,Version 3)
             * Security Permissions Check for
               DC=company,DC=local
                (Domain,Version 3)
             ......................... DC0 passed test NCSecDesc
          Starting test: NetLogons
             * Network Logons Privileges Check
             Verified share \\DC0\netlogon
             Verified share \\DC0\sysvol
             ......................... DC0 passed test NetLogons
          Starting test: ObjectsReplicated
             DC0 is in domain DC=company,DC=local
             Checking for CN=DC0,OU=Domain Controllers,DC=company,DC=local in domain DC=company,DC=local on 2 servers
                Object is up-to-date on all servers.
             Checking for CN=NTDS Settings,CN=DC0,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=company,DC=local in domain CN=Configuration,DC=company,DC=local on 2 servers
                Object is up-to-date on all servers.
             ......................... DC0 passed test ObjectsReplicated
          Starting test: OutboundSecureChannels
             * The Outbound Secure Channels test
             ** Did not run Outbound Secure Channels test because /testdomain: was not entered
             ......................... DC0 passed test OutboundSecureChannels
          Starting test: Replications
             * Replications Check
             * Replication Latency Check
                DC=ForestDnsZones,DC=company,DC=local
                   Latency information for 2 entries in the vector were ignored.
                      2 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
                DC=DomainDnsZones,DC=company,DC=local
                   Latency information for 2 entries in the vector were ignored.
                      2 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
                CN=Schema,CN=Configuration,DC=company,DC=local
                   Latency information for 2 entries in the vector were ignored.
                      2 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
                CN=Configuration,DC=company,DC=local
                   Latency information for 2 entries in the vector were ignored.
                      2 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
                DC=company,DC=local
                   Latency information for 2 entries in the vector were ignored.
                      2 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).
             ......................... DC0 passed test Replications
          Starting test: RidManager
             * Available RID Pool for the Domain is 3101 to 1073741823
             * DC2.company.local is the RID Master
             * DsBind with RID Master was successful
             * rIDAllocationPool is 1601 to 2100
             * rIDPreviousAllocationPool is 1601 to 2100
             * rIDNextRID: 1675
             ......................... DC0 passed test RidManager
          Starting test: Services
             * Checking Service: EventSystem
             * Checking Service: RpcSs
             * Checking Service: NTDS
             * Checking Service: DnsCache
             * Checking Service: DFSR
             * Checking Service: IsmServ
             * Checking Service: kdc
             * Checking Service: SamSs
             * Checking Service: LanmanServer
             * Checking Service: LanmanWorkstation
             * Checking Service: w32time
             * Checking Service: NETLOGON
             ......................... DC0 passed test Services
          Starting test: SystemLog
             * The System Event log test
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:17:13
                Event String:
                A Kerberos error message was received:
                 on logon session company.LOCAL\DC0$
                 Client Time:
                 Server Time: 12:17:13.0000 2/4/2022 Z
                 Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/company.LOCAL
                 Target Name: krbtgt/company.LOCAL@company.LOCAL
                 Error Text:
                 File: e
                 Line: d48
                 Error Data is in record data.
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:20:20
                Event String:
                A Kerberos error message was received:
                 on logon session
                 Client Time:
                 Server Time: 12:20:20.0000 2/4/2022 Z
                 Error Code: 0x7  KDC_ERR_S_PRINCIPAL_UNKNOWN
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/NT Authority
                 Target Name: krbtgt/NT Authority@company.LOCAL
                 Error Text:
                 File: 9
                 Line: 1396
                 Error Data is in record data.
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:22:17
                Event String:
                A Kerberos error message was received:
                 on logon session company.LOCAL\DC0$
                 Client Time:
                 Server Time: 12:22:17.0000 2/4/2022 Z
                 Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/company.LOCAL
                 Target Name: krbtgt/company.LOCAL@company.LOCAL
                 Error Text:
                 File: e
                 Line: d48
                 Error Data is in record data.
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:27:21
                Event String:
                A Kerberos error message was received:
                 on logon session company.LOCAL\DC0$
                 Client Time:
                 Server Time: 12:27:21.0000 2/4/2022 Z
                 Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/company.LOCAL
                 Target Name: krbtgt/company.LOCAL@company.LOCAL
                 Error Text:
                 File: e
                 Line: d48
                 Error Data is in record data.
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:32:24
                Event String:
                A Kerberos error message was received:
                 on logon session company.LOCAL\DC0$
                 Client Time:
                 Server Time: 12:32:24.0000 2/4/2022 Z
                 Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/company.LOCAL
                 Target Name: krbtgt/company.LOCAL@company.LOCAL
                 Error Text:
                 File: e
                 Line: d48
                 Error Data is in record data.
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:32:25
                Event String:
                A Kerberos error message was received:
                 on logon session company.LOCAL\DC0$
                 Client Time:
                 Server Time: 12:32:25.0000 2/4/2022 Z
                 Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/company.LOCAL
                 Target Name: krbtgt/company.LOCAL@company.LOCAL
                 Error Text:
                 File: e
                 Line: d48
                 Error Data is in record data.
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:37:28
                Event String:
                A Kerberos error message was received:
                 on logon session company.LOCAL\DC0$
                 Client Time:
                 Server Time: 12:37:28.0000 2/4/2022 Z
                 Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/company.LOCAL
                 Target Name: krbtgt/company.LOCAL@company.LOCAL
                 Error Text:
                 File: e
                 Line: d48
                 Error Data is in record data.
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:37:29
                Event String:
                A Kerberos error message was received:
                 on logon session company.LOCAL\DC0$
                 Client Time:
                 Server Time: 12:37:29.0000 2/4/2022 Z
                 Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/company.LOCAL
                 Target Name: krbtgt/company.LOCAL@company.LOCAL
                 Error Text:
                 File: e
                 Line: d48
                 Error Data is in record data.
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:42:32
                Event String:
                A Kerberos error message was received:
                 on logon session company.LOCAL\DC0$
                 Client Time:
                 Server Time: 12:42:32.0000 2/4/2022 Z
                 Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/company.LOCAL
                 Target Name: krbtgt/company.LOCAL@company.LOCAL
                 Error Text:
                 File: e
                 Line: d48
                 Error Data is in record data.
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:42:33
                Event String:
                A Kerberos error message was received:
                 on logon session company.LOCAL\DC0$
                 Client Time:
                 Server Time: 12:42:33.0000 2/4/2022 Z
                 Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/company.LOCAL
                 Target Name: krbtgt/company.LOCAL@company.LOCAL
                 Error Text:
                 File: e
                 Line: d48
                 Error Data is in record data.
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:47:36
                Event String:
                A Kerberos error message was received:
                 on logon session company.LOCAL\DC0$
                 Client Time:
                 Server Time: 12:47:36.0000 2/4/2022 Z
                 Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/company.LOCAL
                 Target Name: krbtgt/company.LOCAL@company.LOCAL
                 Error Text:
                 File: e
                 Line: d48
                 Error Data is in record data.
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:47:37
                Event String:
                A Kerberos error message was received:
                 on logon session company.LOCAL\DC0$
                 Client Time:
                 Server Time: 12:47:37.0000 2/4/2022 Z
                 Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/company.LOCAL
                 Target Name: krbtgt/company.LOCAL@company.LOCAL
                 Error Text:
                 File: e
                 Line: d48
                 Error Data is in record data.
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:52:41
                Event String:
                A Kerberos error message was received:
                 on logon session company.LOCAL\DC0$
                 Client Time:
                 Server Time: 12:52:41.0000 2/4/2022 Z
                 Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/company.LOCAL
                 Target Name: krbtgt/company.LOCAL@company.LOCAL
                 Error Text:
                 File: e
                 Line: d48
                 Error Data is in record data.
             An error event occurred.  EventID: 0x80000003
                Time Generated: 02/04/2022   07:57:44
                Event String:
                A Kerberos error message was received:
                 on logon session company.LOCAL\DC0$
                 Client Time:
                 Server Time: 12:57:44.0000 2/4/2022 Z
                 Error Code: 0x19 KDC_ERR_PREAUTH_REQUIRED
                 Extended Error:
                 Client Realm:
                 Client Name:
                 Server Realm: company.LOCAL
                 Server Name: krbtgt/company.LOCAL
                 Target Name: krbtgt/company.LOCAL@company.LOCAL
                 Error Text:
                 File: e
                 Line: d48
                 Error Data is in record data.
             An error event occurred.  EventID: 0x8000
    
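The two leftovers this reply is chasing, stale FRS/DFSR member objects for the demoted DC1 (step 3 of the cleanup list) and the broken delegation that the DNS test reports, can both be audited read-only from DC2 before anything is deleted. The script below is an added example, not code from the original post or from Microsoft; the function names `Get-StaleSysvolMember` and `Get-SuspectDelegation` are my own, it assumes the RSAT `ActiveDirectory` and `DnsServer` modules are installed on the DC it runs on, and the container paths and attribute names it searches are the standard AD ones for the SYSVOL replication set. It only reports; removing whatever it flags remains the metadata-cleanup step the reply refers to.

```powershell
# Added example (not from the original post): read-only audit, run on a DC as a domain
# admin, for (1) SYSVOL replication member objects (FRS and DFSR) whose DC is gone and
# (2) delegations inside the domain DNS zone that point back at the zone itself or at a
# host that is no longer a DC. Assumes RSAT ActiveDirectory + DnsServer modules.
# Function names are hypothetical. Nothing here deletes anything.
Import-Module ActiveDirectory
Import-Module DnsServer

function Get-StaleSysvolMember {
    # Lists nTFRSMember (FRS) and msDFSR-Member (DFSR) objects of the SYSVOL replication
    # set and flags those whose computer reference no longer resolves or whose name is not
    # a current DC. A leftover member for a demoted DC is what keeps DFSR retrying that
    # partner and makes dcdiag's DFSREvent test fail.
    $domain   = Get-ADDomain
    $dcNames  = (Get-ADDomainController -Filter *).Name
    $frsBase  = "CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,$($domain.DistinguishedName)"
    $dfsrBase = "CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,$($domain.DistinguishedName)"

    $specs = @(
        @{ Tech = 'FRS';  Base = $frsBase;  Filter = '(objectClass=nTFRSMember)';  Ref = 'frsComputerReference' },
        @{ Tech = 'DFSR'; Base = $dfsrBase; Filter = '(objectClass=msDFSR-Member)'; Ref = 'msDFSR-ComputerReference' }
    )
    foreach ($spec in $specs) {
        # The FRS container is gone once SYSVOL has been migrated to DFSR, so a missing base is normal.
        $objs = @()
        try {
            $objs = @(Get-ADObject -SearchBase $spec.Base -LDAPFilter $spec.Filter -Properties $spec.Ref -ErrorAction Stop)
        } catch { continue }

        foreach ($o in $objs) {
            $refDn     = $o.($spec.Ref)          # DN of the computer object this member belongs to
            $refExists = $false
            if ($refDn) {
                try { $null = Get-ADObject -Identity $refDn -ErrorAction Stop; $refExists = $true } catch { $refExists = $false }
            }
            [pscustomobject]@{
                Technology        = $spec.Tech
                MemberName        = $o.Name
                ComputerReference = $refDn
                ReferenceExists   = $refExists
                IsCurrentDC       = [bool]($dcNames -contains $o.Name)
                Stale             = (-not $refExists) -or ($dcNames -notcontains $o.Name)
            }
        }
    }
}

function Get-SuspectDelegation {
    # Walks the NS records of the domain zone. An NS record whose relative host name equals
    # the zone name is the "company.local.company.local" child that dcdiag reports as a
    # broken delegated domain; a delegation whose target is not a current DC is the other
    # thing worth checking after a demotion.
    param(
        [string]$ZoneName  = (Get-ADDomain).DNSRoot,
        [string]$DnsServer = $env:COMPUTERNAME
    )
    $dcFqdns = (Get-ADDomainController -Filter *).HostName
    $ns = Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $ZoneName -RRType NS
    foreach ($r in $ns) {
        if ($r.HostName -eq '@') { continue }    # apex NS set: the zone's own servers, not a delegation
        $target = $r.RecordData.NameServer.TrimEnd('.')
        [pscustomobject]@{
            DelegatedChild    = "$($r.HostName).$ZoneName"
            NameServer        = $target
            SelfDelegation    = ($r.HostName -eq $ZoneName)
            TargetIsCurrentDC = [bool]($dcFqdns -contains $target)
        }
    }
}

# Usage: both functions only read AD and DNS; review the rows marked Stale / SelfDelegation
Get-StaleSysvolMember | Format-Table -AutoSize
Get-SuspectDelegation | Format-Table -AutoSize
```

Run it on DC2 after the demotion and again after each cleanup step; once no row shows `Stale = True` or `SelfDelegation = True`, re-run `dcdiag /e /test:DNS` and `/test:DFSREvent` to confirm the events stop accumulating.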

  2. Tim Gibney 1 Reputation point
    2022-02-08T15:03:44.17+00:00

    I am still having the double domain issue in dcdiag DNS tests, shown as [Broken delegated domain company.local.company.local.]. I first found that DC0 and DC1 had been configured with the additional DNS suffix for this connection set to company.local. That was removed, as the servers get their domain listing from AD. DNS replication, after fixing glue records, is working fine.

    PS E:\scripts> repadmin /replsummary
    Replication Summary Start Time: 2022-02-08 08:41:39
    
    Beginning data collection for replication summary, this may take awhile:
      .....
    
    
    Source DSA          largest delta    fails/total %%   error
     DC0                        05m:42s    0 /   5    0
     DC2                        05m:42s    0 /   5    0
    
    
    Destination DSA     largest delta    fails/total %%   error
     DC0                        05m:42s    0 /   5    0
     DC2                        05m:42s    0 /   5    0
    
    
    PS E:\scripts> dcdiag /e /test:DNS
    
    Directory Server Diagnosis
    
    Performing initial setup:
       Trying to find home server...
       Home Server = DC2
       * Identified AD Forest.
       Done gathering initial info.
    
    Doing initial required tests
    
       Testing server: Default-First-Site-Name\DC0
          Starting test: Connectivity
             ......................... DC0 passed test Connectivity
    
       Testing server: Default-First-Site-Name\DC2
          Starting test: Connectivity
             ......................... DC2 passed test Connectivity
    
    Doing primary tests
    
       Testing server: Default-First-Site-Name\DC0
    
       Testing server: Default-First-Site-Name\DC2
    
             Starting test: DNS
    
    
                   DNS Tests are running and not hung. Please wait a few minutes...
                   Starting test: DNS
                      ......................... DC2 passed test DNS
             ......................... DC0 passed test DNS
    
       Running partition tests on : ForestDnsZones
    
       Running partition tests on : DomainDnsZones
    
       Running partition tests on : Schema
    
       Running partition tests on : Configuration
    
       Running partition tests on : company
    
       Running enterprise tests on : company.local
          Starting test: DNS
             Test results for domain controllers:
    
                DC: DC0.company.local
                Domain: company.local
    
    
                   TEST: Delegations (Del)
                      Error: DNS server: DC0.company.local. IP:192.168.1.60
                      [Broken delegated domain company.local.company.local.]
                      Error: DNS server: DC1.company.local. IP:192.168.1.80 [Broken delegated domain company.local.company.local.]
                      Error: DNS server: DC2.company.local. IP:192.168.50.40 [Broken delegated domain company.local.company.local.]
    
                   TEST: Dynamic update (Dyn)
                      Warning: Failed to delete the test record dcdiag-test-record in zone company.local
    
    
                DC: DC2.company.local
                Domain: company.local
    
    
                   TEST: Delegations (Del)
                      Error: DNS server: DC0.company.local. IP:192.168.1.60
                      [Broken delegated domain company.local.company.local.]
                      Error: DNS server: DC1.company.local. IP:192.168.1.80 [Broken delegated domain company.local.company.local.]
                      Error: DNS server: DC2.company.local. IP:192.168.50.40 [Broken delegated domain company.local.company.local.]
    
                   TEST: Dynamic update (Dyn)
                      Warning: Failed to delete the test record dcdiag-test-record in zone company.local
    
             Summary of test results for DNS servers used by the above domain controllers:
    
                DNS server: 192.168.1.60 (DC0.company.local.)
                   2 test failure on this DNS server
    
                DNS server: 192.168.1.80 (DC1.company.local.)
                   2 test failure on this DNS server
    
                DNS server: 192.168.50.40 (DC2.company.local.)
                   2 test failure on this DNS server
    
             Summary of DNS test results:
    
                                                Auth Basc Forw Del  Dyn  RReg Ext
                _________________________________________________________________
                Domain: company.local
                   DC0                          PASS PASS PASS FAIL WARN PASS n/a
                   DC2                          PASS PASS PASS FAIL WARN PASS n/a
    
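A check for the two conditions described in the comment above, added here as an example and not the poster's own script: it looks on each DC for a connection-specific DNS suffix that repeats the domain name, and for a delegation (non-apex NS record) inside the domain's own zone named after the zone itself, which is what dcdiag reports as the company.local.company.local delegation. The domain name, the DC list and the `$DomainName` variable are assumptions taken from the thread.

```powershell
# Added example (not the poster's script): audit each DC for the doubled-suffix
# and self-delegation conditions discussed in the thread.
# $DomainName and $DomainControllers are assumptions taken from the thread.
$DomainName        = 'company.local'
$DomainControllers = 'DC0', 'DC1', 'DC2'

foreach ($dc in $DomainControllers) {
    # 1. A connection-specific DNS suffix equal to the domain name. The poster found
    #    this on DC0 and DC1; a domain member derives its primary suffix from AD, so
    #    repeating it on the adapter yields names like DC0.company.local.company.local.
    $suffixHits = Get-DnsClient -CimSession $dc -ErrorAction Stop |
        Where-Object { $_.ConnectionSpecificSuffix -eq $DomainName } |
        Select-Object -ExpandProperty InterfaceAlias

    # 2. Delegations inside the domain's own zone. Apex NS records have HostName '@';
    #    anything else is a delegated child. A child whose relative name is the zone
    #    name itself produces the [Broken delegated domain company.local.company.local.]
    #    error in dcdiag /test:DNS.
    $delegations = Get-DnsServerResourceRecord -ComputerName $dc -ZoneName $DomainName -RRType NS |
        Where-Object { $_.HostName -ne '@' }
    $selfDelegation = $delegations | Where-Object { $_.HostName -eq $DomainName }

    # 3. What a resolver sees when it asks this DC for the doubled name directly.
    $doubled = Resolve-DnsName -Name "$DomainName.$DomainName" -Type NS -Server $dc `
        -ErrorAction SilentlyContinue

    [pscustomobject]@{
        DC                    = $dc
        SuffixRepeatsDomainOn = ($suffixHits -join ', ')
        DelegatedChildren     = ($delegations.HostName -join ', ')
        SelfDelegationPresent = [bool]$selfDelegation
        DoubledNameResolves   = [bool]$doubled
    }
}
```

Where SuffixRepeatsDomainOn is non-empty, clear it with Set-DnsClient -ConnectionSpecificSuffix '' on that interface; where SelfDelegationPresent is true, confirm the child is not a real subdomain before removing the NS records with Remove-DnsServerResourceRecord, then re-run dcdiag /e /test:DNS.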
