I was trying to log in with Smart card (Yubico in my case) but server could not log me in and returned the error: An untrusted certification authority was detected while processing the domain controller certificate used for authentication additional information be available in the system event log. Please contact your administrator. Checked the certificate store and required certificates were in the store. In my case Root CA and Intermediate CA certificates. When I ran the command certutil -viewstore -enterprise NTAuth in the elevated PowerShell window I got no certificates. Therefore, I exported the intermediate certificate from the store (certmgr.msc), put it in the C:\TEMP path and ran: certutil -enterprise -addstore ntauth "C:\TEMP\intermediate.cer" After that I was able to sign in with smart card. Whay certificate was not propagated through domain is still a mystery :)
If you are using Microsoft's Azure Backup server to backup your Exchange you might want to use notifications if anything goes wrong with it. In the Options window when you enter credentials for the sending account it keeps failing to send test E-mail saying wrong username and password (error 2013). The problem is that this account needs to have local admin rights on the Azure backup machine. Yeah, don't ask why.