System Event » Windows System Event: 4824
Event ID 4824 - Kerberos pre-authentication by using DES or RC4 failed because the account was a member of the Protected User group.
Description | Kerberos pre-authentication by using DES or RC4 failed because the account was a member of the Protected User group. |
Category | Account logon |
Subcategory | Kerberos authentication service |
This event logs the following information:
Account information |
|
Service information |
|
Network Information |
|
Additional information |
|
Certificate information |
|
Information:
- Certificate information is only provided if a certificate was used for pre-authentication.
- Pre-authentication types, ticket options and failure codes are defined in RFC 41.
- If the ticket was malformed or damaged during transit and could not be decrypted, then many fields in this event might not be present.
Event 4824 applies to the following operating systems:
- Windows Server 2012 R2 and 8.1
- Windows Server 2016 and 10
Explore Active Directory auditing and reporting with ADAudit Plus.
Account Management Auditing
Active Directory Auditing
Windows Server Auditing
- Related Products
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- EventLog Analyzer Real-time Log Analysis & Reporting
- ADSelfService Plus Self-Service Password Management
- AD360 Integrated Identity & Access Management
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- AD Free Tools Active Directory FREE Tools