locked
Event ID 29, 2886, 8193 定期出現問題 RRS feed

  • 問題

  • 以下 Event log 每天或數天定期出現, 想問如何解決?

    1. Log Name:      System
    Source:        Microsoft-Windows-Kerberos-Key-Distribution-Center
    Date:          6/24/2010 11:05:07 PM
    Event ID:      29
    Task Category: None
    Level:         Warning
    Keywords:      Classic
    User:          N/A
    Computer:      svr1.ggmm.local
    Description:
    The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate.

    2. Log Name:      Directory Service
    Source:        Microsoft-Windows-ActiveDirectory_DomainService
    Date:          6/24/2010 3:05:08 AM
    Event ID:      2886
    Task Category: LDAP Interface
    Level:         Warning
    Keywords:      Classic
    User:          ANONYMOUS LOGON
    Computer:      svr1.ggmm.local
    Description:
    The security of this directory server can be significantly enhanced by configuring the server to reject SASL (Negotiate,  Kerberos, NTLM, or Digest) LDAP binds that do not request signing (integrity verification) and LDAP simple binds that  are performed on a cleartext (non-SSL/TLS-encrypted) connection.  Even if no clients are using such binds, configuring the server to reject them will improve the security of this server.
     
    Some clients may currently be relying on unsigned SASL binds or LDAP simple binds over a non-SSL/TLS connection, and will stop working if this configuration change is made.  To assist in identifying these clients, if such binds occur this  directory server will log a summary event once every 24 hours indicating how many such binds  occurred.  You are encouraged to configure those clients to not use such binds.  Once no such events are observed  for an extended period, it is recommended that you configure the server to reject such binds.

    3. Log Name:      Application
    Source:        VSS
    Date:          6/24/2010 3:06:07 AM
    Event ID:      8193
    Task Category: None
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      svr1.ggmm.local
    Description:
    Volume Shadow Copy Service error: Unexpected error calling routine RegOpenKeyExW(-2147483646,SYSTEM\CurrentControlSet\Services\VSS\Diag,...).  hr = 0x80070005, Access is denied.

     

    2010年6月25日 上午 04:44

解答