J
Jimbo
Im trying to isolate a failed login attempt to my domain that occurs once or
twice every few days. Below is the text of the event log failure:
The source of this one is Security and its Event ID is 529
Logon Failure:
Reason: Unknown user name or bad password
User Name: Administrator
Domain: SERVER
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: SERVER
The source of this one is Security and its Event ID is 681
The logon to account: Administrator
by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
from workstation: SERVER
failed. The error code was: 3221225578
I neither have a workstation named "SERVER" nor a domain. Is there a higher
level or debugging I can turn on in an attempt to find out more about this?
We are firewalled, etc and this box is on our internal LAN.
twice every few days. Below is the text of the event log failure:
The source of this one is Security and its Event ID is 529
Logon Failure:
Reason: Unknown user name or bad password
User Name: Administrator
Domain: SERVER
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: SERVER
The source of this one is Security and its Event ID is 681
The logon to account: Administrator
by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
from workstation: SERVER
failed. The error code was: 3221225578
I neither have a workstation named "SERVER" nor a domain. Is there a higher
level or debugging I can turn on in an attempt to find out more about this?
We are firewalled, etc and this box is on our internal LAN.