Hive mind,
I ave an issue whereby users are running inside a Citrix session hosted on Windows Server 2016. Redirected folders are being used, set by GPO and everything is working fine for exactly 10 hours. After 10 hours, the redirected folders disconnect and the user needs to log off and on again for this to be restored.
The only error i can find up to now is the following:
Log name: System
Event ID: 32
Source: Kerberos-Key-Distribution-Center
Details: The Key Distribution Center (KDC) uses a certificate without KDC Extended Key Usage (EKU) which can result in authentication failures for device certificate logon and smart card logon from non-domain-joined devices. Enrollment of a KDC certificate with KDC EKU (Kerberos Authentication template) is required to remove this warning.
We are currently piloting the 2016 image after migrating from 2008R2, where this worked without issue. All kerberos timings are default and not amended in GPO/local policy.
klist tgt shows:
StartTime : 2/10/2020 11:23:10 (local)
EndTime : 2/10/2020 21:23:10 (local)
RenewUntil : 2/10/2020 21:23:10 (local)
TimeSkew : + 0:00 minute(s)
which is what i would expect...
Any ideas?