Question

Locked

Pre-authentication fail Event ID 672, 673, 675 in Event Viewer everywhere!

By ILUVIT ·
Hello all, after much browsing and researching I am stumped as to why my Domain Users are failing Pre-authentication (675)every time and also why Authentication Ticket Requests are failing (672) with a blank message (673). I am in an Active Directory/Windows 2003 domain environment.

The strange part is, this just began a few days ago, and *some* of the Pre-authentication errors such as Event ID 672 show Username as the Outlook email address (we're not running Exchange, just Outlook RPC/Http).

Example of EventID 672:
Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event I 672
Date: 9/5/2008
Time: 1:51:00 PM
User: NT AUTHORITY\SYSTEM
Computer: MYDOMAINCONTROLLER
Description:
Authentication Ticket Request:
User Name: john.smith@email.com
Supplied Realm Name: MYDOMAIN.COM
User I -
Service Name: krbtgt/MYDOMAIN.COM
Service I -
Ticket Options: 0x40810010
Result Code: 0x6
Ticket Encryption Type: -
Pre-Authentication Type: -
Client Address: 192.168.1.101
Certificate Issuer Name:
Certificate Serial Number:
Certificate Thumbprint:

Example of EventID 675:
Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event I 675
Date: 9/5/2008
Time: 2:07:58 PM
User: NT AUTHORITY\SYSTEM
Computer: MYDOMAINCONTROLLER
Description:
Pre-authentication failed:
User Name: user01
User I MYDOMAIN\user01
Service Name: krbtgt/MYDOMAIN
Pre-Authentication Type: 0x2
Failure Code: 0x18
Client Address: 192.168.1.136

I read a good explanation of Kerberos Authentication in relation to my problem is found her; http://www.windowsecurity.com/articles/Kerberos-Authentication-Events.html. However, it describes my errors as a result of bad user login password, however, that is not the case as all users log in just fine.

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Same problem. User Account locked out

by warez_willy In reply to Pre-authentication fail E ...

I have same problem. also

Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon account: xxxxuserxxx
Source Workstation: xxpc07xxx
Error Code: 0xC0000234

then user gets locked out. (error 539)

Similar setup. Server 2003 with no exchange (we use hosted outlook over http now)

Collapse -

This is a shot in the dark answer..

Make sure all computers time clocks are correct. Download this little clock program it will correct the time on the clock and could cure your problem.
http://www.worldtimeserver.com/atomic-clock/
Download this and run it.

Please post back if you have any more problems or questions.
If this information is useful, please mark as helpful. Thanks.

Collapse -

Account Lockout Status Tool

by BFilmFan In reply to Pre-authentication fail E ...

I would check to make sure that the users aren't passing their email credentials to AD by using the same account names for both AD and the external email system and causing the lockout.

You may also find this article helpful:

http://technet.microsoft.com/en-us/library/cc738772.aspx

Back to Software Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums