System32
Events
Scripts
Codes
GeoIP
Tools
Audit Category
Account Logon
(5)
Audit Subcategory
Kerberos Authentication Service
(5)
Operating Systems
Windows 2012 R2
(5)
Windows 2016
(5)
Windows 2019
(5)
Windows 2012
(4)
Windows 10
(3)
Windows 2008
(3)
Windows 2008 R2
(3)
Windows 8.1
(3)
Windows 8
(2)
Windows 7
(1)
Windows Vista
(1)
Tags
Audit Failure
(2)
Domain Controller
(2)
Audit Success
(1)
ID
Event Description
4768
This event generates every time Key Distribution Center issues a Kerberos Ticket Granting Ticket (TGT).
4771
Kerberos pre-authentication failed
4772
A Kerberos authentication ticket request failed
4820
A Kerberos Ticket-granting-ticket (TGT) was denied because the device does not meet the access control restrictions
4824
Kerberos preauthentication by using DES or RC4 failed because the account was a member of the Protected User group