Kerberos event logging is intended only for troubleshooting when you expect additional information for the Kerberos client side at a defined action timeframe. Kerberos logging should be disabled when not actively troubleshooting.
How-to
To enable Kerberos logs on a specific machine, please follow these steps:
1. Open Registry Editor.
2. Add the following registry value:
Note: If the Parameters subkey does not exist, create it.
3. Quit Registry Editor. The setting will become effective immediately on Windows Server 2012 R2, Windows 7, and later versions.
After this, you can find any Kerberos-related events in the system log.
Note: A change in logging level will cause all Kerberos errors to be logged in an event. Some errors are expected in the Kerberos protocol based on the protocol specification. As a result, enabling Kerberos logging may generate events containing expected false positive errors even when there are no Kerberos operational errors.
Was this article helpful?
Tell us how we can improve it.