| 0xD | 在初始智慧卡登入程式庫時發生錯誤: %1 |
An error occurred while initializing the smart card logon library: %1 |
| 0x00010005 | 從插入的智慧卡抓取數位憑證時發生錯誤。%1 |
An error occurred while retrieving a digital certificate from the inserted smart card. %1 |
| 0x00010006 | 嘗試確認插入的智慧卡時發生錯誤: %1 |
An error occurred in while attempting to verify the inserted smart card: %1 |
| 0x00010007 | 使用插入的智慧卡簽署訊息時發生錯誤: %1 |
An error occurred while signing a message using the inserted smart card: %1 |
| 0x00010008 | 使用插入的智慧卡確認簽署訊息時發生錯誤: %1 |
An error occurred while verifying a signed message using the inserted smart card: %1 |
| 0x00010009 | 從插入的智慧卡確認抓取的數位憑證時發生錯誤: %1 |
An error occurred while verifying the digital certificate retrieved from the inserted smart card: %1 |
| 0x0001000A | 使用插入的智慧卡加密訊息時發生錯誤: %1 |
An error occurred while encrypting a message using the inserted smart card: %1 |
| 0x0001000B | 使用插入的智慧卡解密訊息時發生錯誤: %1 |
An error occurred while decrypting a message using the inserted smart card: %1 |
| 0x0001000C | 當建立憑證內容時發生錯誤: %1 |
An error occurred while building a certificate context: %1 |
| 0x0001000E | 簽署訊息時發生錯誤: %1 |
An error occurred while signing a message: %1 |
| 0x0001000F | 確認一項已簽署訊息時發生錯誤: %1 |
An error occurred while verifying a signed message: %1 |
| 0x00010010 | 為訊息加密時發生錯誤: %1 |
An error occurred while encrypting a message: %1 |
| 0x00010011 | 為訊息解密時發生錯誤: %1 |
An error occurred while decrypting a message: %1 |
| 0x00010012 | 在抓取某些提供者參數時發生錯誤: %1 |
An error occurred while retrieving some provider parameter: %1 |
| 0x00010013 | 在產生一個隨機數字時發生錯誤: %1 |
An error occurred while generating a random number: %1 |
| 0x10000038 | 傳統 |
Classic |
| 0x40000004 | Kerberos 用戶端從伺服器 %1 收到 KRB_AP_ERR_MODIFIED 錯誤。使用的目標名稱為 %3。這表示目標伺服器無法解密用戶端所提供的票證。當目標伺服器主體名稱 (SPN) 不是在與目標服務正在使用之帳戶相同的帳戶登錄時,就會發生此情形。請確定目標 SPN 僅在伺服器所使用的帳戶上登錄。當目標服務帳戶密碼與在 Kerberos 金鑰發佈中心為該目標服務設定的帳戶密碼不同時,也會發生此情形。請確定伺服器上的服務與 KDC 均設為使用相同的密碼。若伺服器名稱不是完整合格名稱,且目標網域 (%2) 與用戶端網域 (%4) 不同,請檢查這兩個網域中是否有同名的伺服器帳戶,或是使用完整合格名稱來識別該伺服器。 |
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server %1. The target name used was %3. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server. This error can also happen if the target service account password is different than what is configured on the Kerberos Key Distribution Center for that target service. Ensure that the service on the server and the KDC are both configured to use the same password. If the server name is not fully qualified, and the target domain (%2) is different from the client domain (%4), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server. |
| 0x40000005 | Kerberos 用戶端從伺服器 %1 收到 KRB_AP_ERR_TKT_NYV 錯誤。這代表提供給該伺服器的票證尚未生效 (因為票證與伺服器時間之間的不一致)。請連絡您的系統管理員,以確定用戶端與伺服器時間同步,且領域 %2 中的金鑰發佈中心 (KDC) 服務與用戶端領域中的 KDC 同步。 |
The Kerberos client received a KRB_AP_ERR_TKT_NYV error from the server %1. This indicates that the ticket presented to that server is not yet valid (due to a discrepancy between ticket and server time. Contact your system administrator to make sure the client and server times are synchronized, and that the time for the Key Distribution Center Service (KDC) in realm %2 is synchronized with the KDC in the client realm. |
| 0x50000002 | 錯誤 |
Error |
| 0x50000003 | 警告 |
Warning |
| 0x50000004 | 資訊 |
Information |
| 0x70000001 | Kerberos |
Kerberos |
| 0x70000002 | 最大 |
Max |
| 0x80000003 | 收到 Kerberos 錯誤訊息:%n 於登入工作階段 %1%n 用戶端時間: %2%n 伺服器時間: %3%n 錯誤碼: %4 %5%n 延伸的錯誤: %6%n 用戶端領域: %7%n 用戶端名稱: %8%n 伺服器領域: %9%n 伺服器名稱: %10%n 目標名稱: %11%n 錯誤文字: %12%n 檔案: %13%n 行數: %14%n 錯誤資料在記錄資料中。 |
A Kerberos error message was received:%n on logon session %1%n Client Time: %2%n Server Time: %3%n Error Code: %4 %5%n Extended Error: %6%n Client Realm: %7%n Client Name: %8%n Server Realm: %9%n Server Name: %10%n Target Name: %11%n Error Text: %12%n File: %13%n Line: %14%n Error Data is in record data. |
| 0x80000006 | Kerberos SSPI 封裝產生了大小為 %1 位元組的輸出權杖,這個權杖太大而無法放入處理程序識別碼 %3 所提供之大小為 %2 的權杖緩衝區。%n %n 輸出 SSPI 權杖大小的原因可能是使用者 %4 為大量群組的成員。%n %n 建議您將使用者所屬的群組數減到最小。如果減少這個使用者的群組數仍無法解決這個問題,請連絡您的系統管理員來增加權杖大小上限,而該值是在每部電腦上分別使用下列登錄值予以設定:HKLM\\SYSTEM\\CurrentControlSet\\Control\\Lsa\\Kerberos\\Parameters\\MaxTokenSize。 |
The Kerberos SSPI package generated an output token of size %1 bytes, which was too large to fit in the token buffer of size %2 bytes, provided by process id %3.%n %n The output SSPI token size is probably the result of the user %4 being a member of a large number of groups.%n %n It is recommended to minimize the number of groups a user belongs to. If the problem can not be corrected by reducing the group memberships of this user, contact your system administrator to increase the maximum token size, which is configured on each computer individually using the registry value: HKLM\\SYSTEM\\CurrentControlSet\\Control\\Lsa\\Kerberos\\Parameters\\MaxTokenSize. |
| 0x8000000A | Kerberos 子系統目前無法使用 UDP 網路通訊協定從您的網域控制站抓取票證。這通常是因為網路問題所造成。請連絡您的系統管理員。 |
The Kerberos subsystem currently cannot retrieve tickets from your domain controller using the UDP network protocol. This is typically due to network problems. Contact your system administrator. |
| 0x8000000C | 當您在 VPN 連線使用智慧卡時,Kerberos 子系統發生錯誤。基本上,這指出在 VPN 工作階段中,已將智慧卡從讀卡機拉出。其中一個可能的解決方式為關閉 VPN 連線、重新插入智慧卡,然後重新建立連線。 |
While using your smart card over a VPN connection, the Kerberos subsystem encountered an error. Typically, this indicates the card has been pulled from the card reader during the VPN session. One possible solution is to close the VPN connection, reinsert the card, and establish the connection again. |
| 0x8000000D | 儲存在認證管理員中的智慧卡 PIN 遺失或無效。智慧卡 PIN 儲存在記憶體中,僅供目前的互動式登入工作階段使用,而如果從讀卡機取出卡片,或者當使用者登出後,就會刪除此智慧卡 PIN。若要解決此錯誤,請將卡片持續放在讀卡機中,開啟 [控制台] 中的 [認證管理員],然後重新輸入認證 %1 的 PIN。 |
The smart card PIN stored in Credential Manager is missing or invalid. The smart card PIN is stored in memory only for the current interactive logon session, and is deleted if the card is removed from the card reader or when the user logs off. To resolve this error, keep the card in the reader, open Credential Manager in Control Panel, and reenter the PIN for the credential %1. |
| 0x8000000E | 儲存在認證管理員中的密碼無效。這可能是由於已登入的使用者從這部電腦或其他電腦變更密碼所造成。若要解決此錯誤,請開啟 [控制台] 中的 [認證管理員],然後重新輸入認證 %1 的密碼。 |
The password stored in Credential Manager is invalid. This might be caused by the logged on user changing the password from this computer or a different computer. To resolve this error, open Credential Manager in Control Panel, and reenter the password for the credential %1. |
| 0x8000000F | Kerberos SSPI 封裝已經產生大小為 %1 個位元組的輸出權杖,它太大了,不適用於處理程序識別碼 %3 提供之大小為 %2 個位元組的權杖緩衝區。%n %n 需要修改應用程式,以提供大小至少為 %4 個位元組的權杖緩衝區。 |
The Kerberos SSPI package generated an output token of size %1 bytes, which was too large to fit in the token buffer of size %2 bytes, provided by process id %3.%n %n The application needs to be modified to supply a token buffer of size at least %4 bytes. |
| 0x80000012 | 使用者 (%2) 的受委派 TGT 已到期。已嘗試更新,但因為錯誤 %8 失敗。伺服器登入工作階段 (%1) 已停止委派使用者認證。若要順利進行之後的非限制委派,使用者必須再次向伺服器驗證。%n%nTGT 詳細資料:%n 用戶端: %2%n 伺服器: %3%n 旗標: %4%n 開始時間: %5%n 結束時間: %6%n 更新到: %7 |
The delegated TGT for the user (%2) has expired. A renewal was attempted and failed with error %8. The server logon session (%1) has stopped delegating the user's credential. For future unconstrained delegation to succeed, the user needs to authenticate again to the server. %n%nTGT Details:%n Client: %2%n Server: %3%n Flags: %4%n Start Time: %5%n End Time: %6%n Renew Until: %7 |
| 0x80000013 | 網域控制站的 KDC 憑證不包含 KDC 擴充金鑰使用方法 (EKU): 1.3.6.1.5.2.3.5: 錯誤碼 %1。網域系統管理員將需要取得含 KDC EKU 的憑證,才能讓網域控制站解決此錯誤。使用「Windows Server 憑證服務」時,請建立以「Kerberos 驗證範本」為基礎的憑證。 |
The KDC certificate for the domain controller does not contain the KDC Extended Key Usage (EKU): 1.3.6.1.5.2.3.5: Error Code %1. The domain administrator will need to obtain a certificate with the KDC EKU for the domain controller to resolve this error. When using Windows Server Certificate Services create a certificated based on the Kerberos Authentication Template. |
| 0x80000014 | 網域控制站的 KDC 憑證的主體別名 (SAN) 屬性中沒有網域 %1 的 DNS 名稱: 錯誤碼 %2。網域系統管理員將需要取得 SAN 屬性中有 DNS 網域名稱的 KDC 憑證,才能讓網域控制站解決此錯誤。使用「Windows Server 憑證服務」時,請建立以「Kerberos 驗證範本」為基礎的憑證。 |
The KDC certificate for the domain controller does not have the DNS name of domain %1 in the Subject Alternative Name (SAN) attribute: Error Code %2. The domain administrator will need to obtain a KDC certificate with the DNS domain name in the SAN attribute for the domain controller to resolve this error. When using Windows Server Certificate Services create a certificated based on the Kerberos Authentication Template. |
| 0x90000001 | Microsoft-Windows-Security-Kerberos |
Microsoft-Windows-Security-Kerberos |
| 0x90000002 | Operational |
Operational |
| 0xB0000064 | 服務主體名稱 (SPN) %1 未登錄,因而導致 Kerberos 驗證失敗: %2。請使用 setspn 命令列工具登錄 SPN。 |
The service principal name (SPN) %1 is not registered, which caused Kerberos authentication to fail: %2. Use the setspn command-line tool to register the SPN. |
| 0xB0000065 | 服務主體名稱 (SPN) %1 已在多個帳戶上登錄,因而導致 Kerberos 驗證失敗: %2。請使用 setspn 命令列工具來識別帳戶,並移除重複的登錄。 |
The service principal name (SPN) %1 is registered on multiple accounts which caused Kerberos authentication to fail: %2. Use the setspn command-line tool to identify the accounts and remove the duplicate registrations. |
| 0xB0000066 | Kerberos 金鑰發佈中心 (KDC) %1 的憑證信任驗證失敗: %2。請使用 CAPI2 診斷追蹤來識別驗證失敗的原因。 |
Trust validation of the certificate for the Kerberos Key Distribution Center (KDC) %1 failed: %2. Use the CAPI2 diagnostic traces to identify the reason for the validation failure. |
| 0xB0000067 | KDC 中 %1 的用戶端憑證信任驗證失敗: %2。請使用 CAPI2 診斷追蹤來識別驗證失敗的原因。 |
Trust validation of the client certificate for %1 failed: %2 on KDC. Use the CAPI2 diagnostic traces to identify the reason for the validation failure. |
| 0xB0000068 | 網域 %1 的 Kerberos 金鑰發佈中心 (KDC) 未安裝憑證,或不支援使用憑證登入: %2 |
The Kerberos Key Distribution Center (KDC) for the domain %1 does not have a certificate installed or does not support logon using certificates: %2 |
| 0xB0000069 | Kerberos 用戶端無法抓取群組管理之服務帳戶的密碼。%n%nLogonId: %1:%2%nDomainName: %3%nUserName: %4%n重新整理: %5%n目前的檔案時間: %6%n錯誤碼: %7%n |
The Kerberos client could not retrieve passwords for the group managed service account.%n%nLogonId: %1:%2%nDomainName: %3%nUserName: %4%nRefresh: %5%nCurrent File Time: %6%nError Code: %7%n |
| 0xB000006A | Kerberos 用戶端收到沒有 KDC EKU (並非使用「Kerberos 驗證範本」建立) 的 KDC 憑證。%n%n錯誤碼: %1%n |
The Kerberos client received a KDC certificate that does not have KDC EKU (not based on Kerberos Authentication Template).%n%nError Code: %1%n |
| 0xB000006B | Kerberos 用戶端收到沒有相符網域名稱的 KDC 憑證。%n%n預期的網域名稱: %1%n錯誤碼: %2%n |
The Kerberos client received a KDC certificate that does not have a matched domain name.%n%nExpected Domain Name: %1%nError Code: %2%n |
| 0xB000006C | Kerberos 用戶端無法傳送 Kerberos Proxy 要求。%n%nProxyServer:%n ServerName: %1%n ServerPort: %2%n ServerVdir: %3%n錯誤碼: %4%n狀態碼: %5%n |
The Kerberos client could not send a Kerberos proxy request.%n%nProxyServer:%n ServerName: %1%n ServerPort: %2%n ServerVdir: %3%nError Code: %4%nStatus Code: %5%n |
| 0xB000006D | Kerberos 用戶端找不到適當的認證可搭配驗證 Proxy 使用:%n%nAuthProxy:%n Proxy: %1%n ProxyBypass: %2%n Epoch: %3%n 支援的配置: %4%n 第一個配置: %5%n摘要式認證:%n 已初始化: %6%n DomainAndUserName: %7%n Epoch: %8%n基本認證:%n 已初始化: %9%n DomainAndUserName: %10%n Epoch: %11%n |
The Kerberos client could not find a suitable credential to use with the authentication proxy:%n%nAuthProxy:%n Proxy: %1%n ProxyBypass: %2%n Epoch: %3%n Supported Schemes: %4%n First Scheme: %5%nDigest Credential:%n Initialized: %6%n DomainAndUserName: %7%n Epoch: %8%nBasic Credential:%n Initialized: %9%n DomainAndUserName: %10%n Epoch: %11%n |
| 0xB00000C8 | Kerberos 用戶端找不到網域 %1 的網域控制站: %2。Kerberos 驗證需要與網域控制站進行通訊。 |
The Kerberos client could not locate a domain controller for domain %1: %2. Kerberos authentication requires communicating with a domain controller. |
| 0xB000012C | Kerberos 用戶端發現網域 %2 的網域控制站 %1。 |
The Kerberos client discovered domain controller %1 for the domain %2. |
| 0xB000012D | Kerberos 用戶端已針對目標: '%1' 使用認證管理員中的認證。 |
The Kerberos client used credentials from the Credential Manager for the target: '%1'. |
| 0xB000012E | Kerberos 用戶端已繫結至網域 %2 的網域控制站 %1,但目前無法存取此網域控制站。%n%n DesiredFlags: %3%n CacheFlags: %4%n ErrorCode: %5 |
The Kerberos client was bound to domain controller %1 for the domain %2 but could not access this domain controller at the time.%n%n DesiredFlags: %3%n CacheFlags: %4%n ErrorCode: %5 |
| 0xB000012F | Kerberos 用戶端已更新群組管理之服務帳戶的密碼。%n%nLogonId: %1:%2%nDomainName: %3%nUserName: %4%n更新目前的密碼: %5%n更新舊密碼: %6%n重新整理: %7%n之前的檔案時間: %8%n目前的檔案時間: %9%n |
The Kerberos client updated passwords for the group managed service account.%n%nLogonId: %1:%2%nDomainName: %3%nUserName: %4%nUpdate Current Passwords: %5%nUpdate Old Passwords: %6%nRefresh: %7%nPrevious File Time: %8%nCurrent File Time: %9%n |
| 0xC0000007 | 無法驗證包含位在領域 %2 之用戶端 %1 授權資訊的數位簽署權限屬性憑證 (PAC)。%n %n 這個錯誤通常是因網域信任失敗所造成; 請連絡您的系統管理員。 |
The digitally signed Privilege Attribute Certificate (PAC) that contains the authorization information for client %1 in realm %2 could not be validated.%n %n This error is usually caused by domain trust failures; Contact your system administrator. |
| 0xC0000008 | 網域控制站已拒絕使用者 %2 用來進行智慧卡登入的用戶端憑證。憑證驗證程序傳回下列錯誤: %1。 |
The domain controller rejected the client certificate of user %2, used for smart card logon. The following error was returned from the certificate validation process: %1. |
| 0xC0000009 | 用戶端驗證 %2 的網域控制站憑證失敗。憑證驗證程序傳回下列錯誤: %1。 |
The client has failed to validate the domain controller certificate for %2. The following error was returned from the certificate validation process: %1. |
| 0xC000000B | 您的智慧卡登入憑證主體欄位中的分辨名稱,並未包含在未加入的電腦上識別適當網域的足夠資訊。請連絡您的系統管理員。 |
The Distinguished Name in the subject field of your smart card logon certificate does not contain enough information to identify the appropriate domain on an non-domain joined computer. Contact your system administrator. |
| 0xC0000010 | Kerberos SSPI 封裝在憑證存放區中找不到智慧卡憑證。如果要解決此失敗,請以使用者 %1 登入,並將智慧卡插入到智慧卡讀卡機,然後使用 [憑證] 嵌入式管理單元來檢查智慧卡憑證是否位於使用者的個人憑證存放區。 |
The Kerberos SSPI package failed to find the smart card certificate in the certificate store. To remedy this failure, logon as user %1 and insert the smart card into the smart card reader, then use the Certificates snap-in to verify that the smart card certificate is in the user's personal certificate store. |
| 0xC0000011 | Kerberos SSPI 封裝找不到要搜尋的樹系或網域 %1。請確認已正確設定「使用樹系搜尋順序」群組原則,且此樹系或網域可以使用。 |
The Kerberos SSPI package failed to locate the forest or domain %1 to search. Ensure that the Use forest search order Group Policy is correctly configured, and that this forest or domain is available. |