M
mrecomm101
I'm getting an Event ID of 529
The USER is listed as NT AUTHORITY/SYSTEM
Logon Failure:
Reason: Unknown user name or bad password
User Name: anna
Domain:
Logon Type: 3
Logon Process: Advapi
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Workstation Name: JM-APPSERVER
Caller User Name: JM-APPSERVER$
Caller Domain: JACKSMAGIC
Caller Logon ID: (0x0,0x3E7)
Caller Process ID: 5128
Transited Services: -
Source Network Address: -
Source Port: -
I'm trying to see where this logon is coming from. I have nothing on the
firewall logs to indicate a remote access and the building was locked and
alarmed.
Any thoughts or suggestions?
The USER is listed as NT AUTHORITY/SYSTEM
Logon Failure:
Reason: Unknown user name or bad password
User Name: anna
Domain:
Logon Type: 3
Logon Process: Advapi
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Workstation Name: JM-APPSERVER
Caller User Name: JM-APPSERVER$
Caller Domain: JACKSMAGIC
Caller Logon ID: (0x0,0x3E7)
Caller Process ID: 5128
Transited Services: -
Source Network Address: -
Source Port: -
I'm trying to see where this logon is coming from. I have nothing on the
firewall logs to indicate a remote access and the building was locked and
alarmed.
Any thoughts or suggestions?