| Event Source: | Microsoft Windows Kerberos Key Distribution Center |
| Event ID: | 200 (0xC8) |
| Event log: | Microsoft-Windows-Kerberos-Key-Distribution-Center/Operational |
| Event type: | Warning |
| Event text (English): | The Key Distribution Center (KDC) cannot find a suitable certificate to use. This KDC is not enabled for smart card or certificate authentication. |
| Event text (German): | The Key Distribution Center (KDC) cannot find a suitable certificate. This KDC is not enabled for smart card or certificate authentication. |
Do you know TameMyCerts? TameMyCerts is an add-on for the Microsoft certification authority (Active Directory Certificate Services). It extends the function of the certification authority and enables the Application of regulationsto realize the secure automation of certificate issuance. TameMyCerts is unique in the Microsoft ecosystem, has already proven itself in countless companies around the world and is available under a free license. It can downloaded via GitHub and can be used free of charge. Professional maintenance is also offered.
Example events
The Key Distribution Center (KDC) cannot find a suitable certificate to use. This KDC is not enabled for smart card or certificate authentication.
Description
Occurs when the domain controller does not have a network interface suitable for the Provision of smart card enrollment usable certificate disposes
This event is generated only if the corresponding event log has been explicitly enabled.
Safety assessment
The security assessment is based on the three dimensions of confidentiality, integrity and availability.
If smartcard logon is to be used, the availability of this service is limited and the event must be rated as critical.
Related links:
- Overview of Active Directory events relevant for PKI
- Overview of Windows events generated by the certification authority
- Overview of audit events generated by the Certification Authority
External sources
- What's New in Kerberos Authentication (Microsoft)
English 
Deutsch