Details of the event with ID 120 of the source Microsoft-Windows-Kerberos-Key-Distribution-Center

Event Source:	Microsoft Windows Kerberos Key Distribution Center
Event ID:	120 (0x78)
Event log:	Microsoft-Windows-Kerberos-Key-Distribution-Center/Operational
Event type:	Error
Event text (English):	The Key Distribution Center (KDC) failed to validate its current KDC certificate. This KDC might not be enabled for smart card or certificate authentication. Kdc Certificate Information: Issuer Name: %1 Serial Number: %2 Thumbprint: %3 Template: %4 Kerberos Error: %5 Validation Error: %6
Event text (German):	The Key Distribution Center (KDC) could not verify the current KDC certificate. This KDC may not be able to be used for smart card or certificate authentication. KDC certificate information: Issuer name: %1 Serial number: %2 Fingerprint: %3 Template: %4 Kerberos error: %5 Verification error: %6

Do you know TameMyCerts? TameMyCerts is an add-on for the Microsoft certification authority (Active Directory Certificate Services). It extends the function of the certification authority and enables the Application of regulationsto realize the secure automation of certificate issuance. TameMyCerts is unique in the Microsoft ecosystem, has already proven itself in countless companies around the world and is available under a free license. It can downloaded via GitHub and can be used free of charge. Professional maintenance is also offered.

Parameter

The parameters contained in the event text are filled with the following fields:

• %1: Issuer (win:UnicodeString)
• %2: SerialNumber (win:UnicodeString)
• %3: Thumbprint (win:UnicodeString)
• %4: Template (win:UnicodeString)
• %5: KerbErr (win:UInt32)
• %6: ErrorCode (win:UInt32)

Description

This event is generated only if the corresponding event log has been explicitly enabled.

Safety assessment

The security assessment is based on the three dimensions of confidentiality, integrity and availability.

No description has been written for this yet.

Related links:

• Overview of Active Directory events relevant for PKI
• Overview of Windows events generated by the certification authority
• Overview of audit events generated by the Certification Authority

External sources

• What's New in Kerberos Authentication (Microsoft)