| ID |
Event Description |
|
4768
|
This event generates every time Key Distribution Center issues a Kerberos Ticket Granting Ticket (TGT).
Domain Controller, Audit Success, Audit Failure, CJIS, ISO 27001:2013, PCI-DSS, NIST 800-171, NIST SP 800-53
|
|
4769
|
A Kerberos service ticket was requested
Domain Controller, Audit Success, Audit Failure, CJIS, ISO 27001:2013, HIPAA, NIST 800-171, NIST SP 800-53, CMMC L1
|
|
4770
|
A Kerberos service ticket was renewed
Domain Controller, Audit Success
|
|
4771
|
Kerberos pre-authentication failed
Domain Controller, Audit Failure, CJIS, ISO 27001:2013, PCI-DSS, HIPAA, NIST 800-171, NIST SP 800-53, CMMC L3
|
|
4772
|
A Kerberos authentication ticket request failed
Domain Controller, Audit Failure, Not Implemented
|
|
4773
|
A Kerberos service ticket request failed
Domain Controller, Audit Failure, Not Implemented
|
|
4774
|
An account was mapped for logon
Domain Controller, Audit Success, Audit Failure
|
|
4776
|
The computer attempted to validate the credentials for an account
Audit Failure, Audit Success, CJIS, ISO 27001:2013, PCI-DSS, HIPAA, NIST 800-171, NIST SP 800-53, CMMC L1
|
|
4820
|
A Kerberos Ticket-granting-ticket (TGT) was denied because the device does not meet the access control restrictions
Domain Controller
|
|
4821
|
A Kerberos service ticket was denied because the user, device, or both does not meet the access control restrictions
Domain Controller
|
|
4822
|
NTLM authentication failed because the account was a member of the Protected User group
|
|
4823
|
NTLM authentication failed because access control restrictions are required
|
|
4824
|
Kerberos preauthentication by using DES or RC4 failed because the account was a member of the Protected User group
Domain Controller
|