MonitorWare Knowledge Base

by **windwall** » Tue Sep 16, 2003 3:38 pm

And I cannot enable (re-enable?) :!:

the built-in account in Active Directory. Any thoughts about problems this could create, and/or how to enable it?

Fred

by **Guest** » Wed Oct 29, 2003 2:48 pm

The Kerberos key distribution center (KDC) uses this account. "Krbtgt" is part of the KDC's service principal name (SPN). Also, a symmetric key is derived from the password of krbtgt, and this key is used to encrypt and decrypt TGTs. Only the KDC knows this password and it changes the password periodically.

by **Guest** » Wed Feb 04, 2004 8:17 pm

I have the same problem. Has anyone figured how to enable?

by **therget** » Thu Feb 05, 2004 9:24 am

This account is used in Win2K & greater to issue a TGT. This account is disabled by default and is need for the Kerberos Authentication Protocol. This ia built account and is created during the dcpromo process (when you raise your machine into a Domain Controller) on a DC

The following KB articles would give more information on this question

http://support.microsoft.com/default.aspx?scid=kb;en-us;229909
[url=http://support.microsoft.com/default.aspx?scid=kb;en-us;229909]
http://support.microsoft.com/default.as ... -us;247008[/url]

MonitorWare Knowledge Base

The former MIS disabled the built in account krbtgt

The former MIS disabled the built in account krbtgt

krbtgt is always disabled by default and cannot be reenabled

Google Ads

Who is online