# Audit Failure Error ID: 4771



## joswoody (Oct 5, 2011)

I have this issue that if I look at the security logs, all the time it is registering an audit failure with error ID of 4771

As I was seeing failure code 0x18 means bad password. The user uses this password and I am pretty sure that it is good.

What could cause this error. I think this started after I created a new domain controller. The following is the error:

_Kerberos pre-authentication failed.

Account Information:
Security ID: domain\user
Account Name: user

Service Information:
Service Name: krbtgt/domain

Network Information:
Client Address: 
Client Port: 53623

Additional Information:
Ticket Options: 0x40810010
Failure Code: 0x18
Pre-Authentication Type:	2

Certificate Information:
Certificate Issuer Name: 
Certificate Serial Number: 
Certificate Thumbprint:

Certificate information is only provided if a certificate was used for pre-authentication.

Pre-authentication types, ticket options and failure codes are defined in RFC 4120.

If the ticket was malformed or damaged during transit and could not be decrypted, then many fields in this event might not be present._

Thanks.


----------

