Event Source: | Microsoft Windows Kerberos Key Distribution Center |
Event ID: | 41 (0x80000029) |
Event log: | System |
Event type: | Warning or error |
Event text (English): | The Key Distribution Center (KDC) encountered a user certificate that was valid but contained a different SID than the user to which it mapped. As a result, the request involving the certificate failed. See https://go.microsoft.com/fwlink/?linkid=2189925 to learn more. User: %1 User SID: %2 Certificate Subject: %3 Certificate Issuer: %4 Certificate Serial Number: %5 Certificate Thumbprint: %6 Certificate SID: %7 |
Event text (German): | The Key Distribution Center (KDC) found a valid user certificate, but it contained a different SID than the user it is assigned to. As a result, an error occurred in the request involving the certificate. For more information, see https://go.microsoft.com/fwlink/?linkid=2189925 User: %1 User SID: %2 Certificate requester: %3 Certificate issuer: %4 Certificate serial number: %5 Certificate fingerprint: %6 Certificate SID: %7 |
Category: Events
Details of the event with ID 40 of the source Microsoft-Windows-Kerberos-Key-Distribution-Center
Event Source: | Microsoft Windows Kerberos Key Distribution Center |
Event ID: | 40 (0x80000028) |
Event log: | System |
Event type: | Warning or error |
Event text (English): | The Key Distribution Center (KDC) encountered a user certificate that was valid but could not be mapped to a user in a secure way (such as via explicit mapping, key trust mapping, or a SID). The certificate also predated the user it mapped to, so it was rejected. See https://go.microsoft.com/fwlink/?linkid=2189925 to learn more. User: %1 Certificate Subject: %2 Certificate Issuer: %3 Certificate Serial Number: %4 Certificate Thumbprint: %5 Certificate Issuance Time: %6 Account Creation Time: %7 |
Event text (German): | The Key Distribution Center (KDC) found a valid user certificate, but it could not be mapped to a user in a secure way (for example, via an explicit mapping, key trust mapping, or SID). The certificate also prefixed the user it was associated with, which is why it was rejected. For more information, see https://go.microsoft.com/fwlink/?linkid=2189925. User: %1 Certificate requester: %2 Certificate issuer: %3 Certificate serial number: %4 Certificate fingerprint: %5 Certificate issuance time: %6 Account creation time: %7 |
Details of the event with ID 39 of the source Microsoft-Windows-Kerberos-Key-Distribution-Center
Event Source: | Microsoft Windows Kerberos Key Distribution Center |
Event ID: | 39 (0x80000027) |
Event log: | System |
Event type: | Warning or error |
Event text (English): | The Key Distribution Center (KDC) encountered a user certificate that was valid but could not be mapped to a user in a secure way (such as via explicit mapping, key trust mapping, or a SID). Such certificates should either be replaced or mapped directly to the user via explicit mapping. See https://go.microsoft.com/fwlink/?linkid=2189925 to learn more. User: %1 Certificate Subject: %2 Certificate Issuer: %3 Certificate Serial Number: %4 Certificate Thumbprint: %5 |
Event text (German): | The Key Distribution Center (KDC) has found a valid user certificate, but it could not be mapped to a user in a secure way (for example, via an explicit mapping, a key trust mapping, or an SID). Such certificates should either be replaced or mapped directly to the user via an explicit mapping. For more information, see https://go.microsoft.com/fwlink/?linkid=2189925 User: %1 Certificate requester: %2 Certificate issuer: %3 Certificate serial number: %4 Certificate fingerprint: %5 |
Overview of Remote Desktop Session Host Events Relevant for PKI
The following is an overview of the events in the Windows Event Viewer generated by the Remote Desktop session host that are relevant to the public key infrastructure.
Continue reading „Übersicht über die für die PKI relevanten Ereignisse des Remotedesktop-Sitzungshosts“Details of the event with ID 1073 of the source Microsoft-Windows-TerminalServices-RemoteConnectionManager
Event Source: | Microsoft-Windows-TerminalServices-RemoteConnectionManager |
Event ID: | 1073 (0xC0000431) |
Event log: | System |
Event type: | |
Event text (English): | The msPKI-Cert-Template-OID column for the template-based certificate %1 returned an unknown data type %2. |
Event text (German): | The msPKI-Cert-Template-OID column for template-based certificate %1 returned unknown data type %2. |
Details of the event with ID 1072 of the source Microsoft-Windows-TerminalServices-RemoteConnectionManager
Event Source: | Microsoft-Windows-TerminalServices-RemoteConnectionManager |
Event ID: | 1072 (0xC0000430) |
Event log: | System |
Event type: | |
Event text (English): | The cn column for the template-based certificate %1 returned an unknown data type %2. |
Event text (German): | The column "cn" for the template-based certificate %1 has returned the unknown data type %2. |
Details of the event with ID 1065 of the source Microsoft-Windows-TerminalServices-RemoteConnectionManager
Event Source: | Microsoft-Windows-TerminalServices-RemoteConnectionManager |
Event ID: | 1065 (0xC0000429) |
Event log: | System |
Event type: | Error |
Event text (English): | The template-based certificate that is being used by the RD Session Host server for Transport Layer Security (TLS) 1.0\Secure Sockets Layer (SSL) authentication and encryption has expired and cannot be replaced by the RD Session Host server. The following error occurred: %1. |
Event text (German): | The template-based certificate used by the Remote Desktop session host server for authentication and encryption using Transport Layer Security (TLS) 1.0\Secure Sockets Layer (SSL) has expired and cannot be replaced by the Remote Desktop session host server. Error: %1. |
Details of the event with ID 1064 of the source Microsoft-Windows-TerminalServices-RemoteConnectionManager
Event Source: | Microsoft-Windows-TerminalServices-RemoteConnectionManager |
Event ID: | 1064 (0xC0000428) |
Event log: | System |
Event type: | Error |
Event text (English): | The RD Session Host server cannot install a new template-based certificate to be used for Transport Layer Security (TLS) 1.0\Secure Sockets Layer (SSL) authentication and encryption. The following error occured: %1. |
Event text (German): | The Remote Desktop session host server cannot install a new template-based certificate to be used for authentication and encryption using Transport Layer Security (TLS) 1.0\Secure Sockets Layer (SSL). Error: %1. |
Details of the event with ID 1063 of the source Microsoft-Windows-TerminalServices-RemoteConnectionManager
Event Source: | Microsoft-Windows-TerminalServices-RemoteConnectionManager |
Event ID: | 1063 (0xC0000427) |
Event log: | System |
Event type: | Information |
Event text (English): | A new template-based certificate to be used by the RD Session Host server for Transport Layer Security (TLS) 1.0\Secure Sockets Layer (SSL) authentication and encryption has been installed. The name for this certificate is %1. The SHA1 hash of the certificate is provided in the event data. |
Event text (German): | A new template-based certificate has been installed to be used by the Remote Desktop session host server for authentication and encryption using Transport Layer Security (TLS) 1.0\Secure Sockets Layer (SSL). The name of this certificate is %1. The SHA1 hash value of the certificate is provided in the event data. |
Details of the event with ID 1062 of the source Microsoft-Windows-TerminalServices-RemoteConnectionManager
Event Source: | Microsoft-Windows-TerminalServices-RemoteConnectionManager |
Event ID: | 1062 (0xC0000426) |
Event log: | System |
Event type: | Error |
Event text (English): | The RD Session Host server is configured to use a template-based certificate for Transport Layer Security (TLS) 1.0\Secure Sockets Layer (SSL) authentication and encryption, but the subject name on the certificate is invalid. %1 The SHA1 hash of the certificate is in the event data. Therefore, the default certificate will be used by the RD Session Host server for authentication. To resolve this issue, make sure that template used to create this certificate is configured to use DNS name as subject name . |
Event text (German): | The Remote Desktop session host server is configured to use a template-based certificate for authentication and encryption using Transport Layer Security (TLS) 1.0\Secure Sockets Layer (SSL), but the requester name on the certificate is invalid. %1 The SHA1 hash value of the certificate is included in the event data. Therefore, the Remote Desktop session host server uses the default certificate for authentication. To resolve the issue, ensure that the template used to create this certificate is configured to use a DNS name as the requestor name. |
Details of the event with ID 1059 of the source Microsoft-Windows-TerminalServices-RemoteConnectionManager
Event Source: | Microsoft-Windows-TerminalServices-RemoteConnectionManager |
Event ID: | 1059 (0xC0000423) |
Event log: | System |
Event type: | |
Event text (English): | The RD Session Host Server authentication certificate configuration data was invalid and the service reset it. If the computer was configured to use a specific certificate, please verify it is available in the certificate store and use the administrative tools to select it again. |
Event text (German): | The configuration information of the authentication certificate for the Remote Desktop session host server was invalid and the service reset it. If the computer was configured to use a specific certificate, verify that it is available in the certificate store and use the management utilities to reselect it. |
Details of the event with ID 1058 of the source Microsoft-Windows-TerminalServices-RemoteConnectionManager
Event Source: | Microsoft-Windows-TerminalServices-RemoteConnectionManager |
Event ID: | 1058 (0xC0000422) |
Event log: | System |
Event type: | |
Event text (English): | The RD Session Host Server has failed to replace the expired self signed certificate used for RD Session Host Server authentication on SSL connections. The relevant status code was %1. |
Event text (German): | Error replacing the expired self-signed certificate for Remote Desktop session host server authentication for SSL connections. Associated status code: %1. |
Details of the event with ID 1057 of the source Microsoft-Windows-TerminalServices-RemoteConnectionManager
Event Source: | Microsoft-Windows-TerminalServices-RemoteConnectionManager |
Event ID: | 1057 (0xC0000421) |
Event log: | System |
Event type: | |
Event text (English): | The RD Session Host Server has failed to create a new self signed certificate to be used for RD Session Host Server authentication on SSL connections. The relevant status code was %1. |
Event text (German): | Error creating a new self-signed certificate to be used for Remote Desktop session host server authentication for SSL connections. Associated status code: %1. |
Details of the event with ID 1056 of the source Microsoft-Windows-TerminalServices-RemoteConnectionManager
Event Source: | Microsoft-Windows-TerminalServices-RemoteConnectionManager |
Event ID: | 1056 (0xC0000420) |
Event log: | System |
Event type: | Information |
Event text (English): | A new self signed certificate to be used for RD Session Host Server authentication on SSL connections was generated. The name on this certificate is %1. The SHA1 hash of the certificate is in the event data. |
Event text (German): | A new self-signed certificate has been generated for Remote Desktop session host server authentication for SSL connections. The name on this certificate is "%1". The SHA1 hash of the certificate can be found in the event data. |
Details of the event with ID 1055 of the source Microsoft-Windows-TerminalServices-RemoteConnectionManager
Event Source: | Microsoft-Windows-TerminalServices-RemoteConnectionManager |
Event ID: | 1055 (0xC000041F) |
Event log: | System |
Event type: | |
Event text (English): | The RD Session Host Server is configured to use a certificate but is unable to access the private key associated with this certificate. %1 The SHA1 hash of the certificate is in the event data. The default certificate will be used for RD Session Host Server authentication from now on. Please check the security settings by using the Remote Desktop Session Host Configuration tool in the Administrative Tools folder. |
Event text (German): | The Remote Desktop session host server is configured to use a certificate, but it cannot access the private key associated with that certificate. %1 The SHA1 hash of the certificate can be found in the event data. From now on, Remote Desktop session host server authentication uses the default certificate. Verify the security settings by using the Remote Desktop Session Host Configuration utility in the Administrative Tools folder. |