Re: How to trace source of logon failure due to wrong password?
From: Lik Mai Sak (cuddlybear101@yahoo.com)Date: 02/25/02
- Previous message: Tom Are Tørum: "question about the admin-user.."
- In reply to: Panda Hung: "How to trace source of logon failure due to wrong password?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Lik Mai Sak <cuddlybear101@yahoo.com> Date: Tue, 26 Feb 2002 06:36:48 +1100
Panda Hung wrote:
> Is there a way to identify the originating computer that tries to log on to
> a Win2K server with a wrong password? I have a server and one of the admin
> accounts is always locked up because some computers are trying to map a
> drive to that server. Unfortunately the password was recently changed (we
> could not change it back due to company standard) and as a result, that
> account is locked up everyday until it is unlocked by admin. (computer
> standard again). We need to track down the originating computer and fix the
> problem there.
>
> Any help will be appreciated.
>
> Panda Hung
> panda@globalserve.net
Turn on auditing (user manager for dom's) and audit failed (successfull is a
good idea too) logon attempts.
Check the event log next time it happens.
-- E.
- Previous message: Tom Are Tørum: "question about the admin-user.."
- In reply to: Panda Hung: "How to trace source of logon failure due to wrong password?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
