Microsoft Key Distribution Service fails to start

Question

The Microsoft Key Distribution Service is not starting on my DC. In the Microsoft\Kdssvc event log, there are:

Event ID 4001 Group Key Distribution Service failed to start. Status 0x80070020.

Event ID 4007
Group Key Distribution Service cannot connect to the domain controller on local host. Status 0x80070020. Group Key Distribution Service cannot be started because of the error.

The error 0x80070020 indicates a file lock of some type.

Does anyone know how I can fix this error?

For clarification: This question is not about Kerberos, instead it's about the service account that handles Group Managed Service Accounts (gMSA), Bitlocker, and Windows Activation Services in a corporate environment.

Procmon trace:

score 0 · Answer 1 · answered Aug 13 '21 at 15:21

0

Validate that your DC is in the Default "Domain Controller" OU or the Service will fail. This is the only apparent impact of moving a DC that we experienced.

answered Aug 13 '21 at 15:21

TonyYahoo

1

Microsoft Key Distribution Service fails to start

1 Answers1