Event ID: 4820A Kerberos Ticket-granting-ticket (TGT) was denied because the device does not meet the access control restrictions
A Kerberos Ticket-granting-ticket (TGT) was denied because the device does not meet the access control restrictions. Account Information: Account Name: %1 Supplied Realm Name: %2 User ID: %3 Authentication Policy Information: Silo Name: %16 Policy Name: %17 TGT Lifetime: %18 Device Information: Device Name: %4 Service Information: Service Name: %5 Service ID: %6 Network Information: Client Address: %11 Client Port: %12 Additional Information: Ticket Options: %7 Result Code: %8 Ticket Encryption Type: %9 Pre-Authentication Type: %10 Certificate Information: Certificate Issuer Name: %13 Certificate Serial Number: %14 Certificate Thumbprint: %15 Certificate information is only provided if a certificate was used for pre-authentication. Pre-authentication types, ticket options, encryption types and result codes are defined in RFC 4120.
Lookup Audit Policy Configuration Settings
C:\> AuditPol.exe /get /subcategory:"Kerberos Authentication Service"
LEFT/RIGHT arrow keys for navigationBack to List