How to enable Kerberos event logging (262177)
The information in this article applies to:
- Microsoft Windows Server 2003, Enterprise Edition
- Microsoft Windows Server 2003, Datacenter Edition
- Microsoft Windows Server 2003, Web Edition
- Microsoft Windows Server 2003, Standard Edition
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional
This article was previously published under Q262177 IN THIS TASKIMPORTANT: This article contains information about modifying the registry. Before you
modify the registry, make sure to back it up and make sure that you understand how to restore
the registry if a problem occurs. For information about how to back up, restore, and edit the
registry, click the following article number to view the article in the Microsoft Knowledge Base:
256986 Description of the Microsoft Windows Registry
SUMMARYMicrosoft Windows 2000 and Microsoft Windows Server 2003 offer the capability of tracing detailed Kerberos events through the event log mechanism. You can use this information when you troubleshoot Kerberos. This article describes how to enable Kerberos event logging. WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may
require you to reinstall your operating system. Microsoft cannot guarantee that you can solve
problems that result from using Registry Editor incorrectly. Use Registry Editor at your own
risk.
back to the top
Enabling Kerberos Event Logging on a Specific Computer- Start Registry Editor.
- Add the following registry value:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters
Registry Value: LogLevel
Value Type: REG_DWORD
Value Data: 0x1
If the Parameters subkey does not exist, create it.
Note Remove this registry value when it is no longer needed so that performance is not degraded on the computer.
Also, you can remove this registry value to disable Kerberos event logging on a specific computer. - Quit Registry Editor, and then restart the computer.
You can find any Kerberos-related events in the system log.
back to the top
Modification Type: | Major | Last Reviewed: | 2/16/2005 |
---|
Keywords: | kbenv kbHOWTOmaster KB262177 kbAudITPro |
---|
|