Re: IIS5 Integrated Windows Authentication prompts password
From: Sergio De Chiara (l_ecclesiaste_at_yahoo.it)
Date: 05/22/03
- Next message: Alessandro Perilli: "Re: What Happening"
- Previous message: Sergio De Chiara: "Re: User anmelde problem"
- In reply to: Ken Schaefer: "Re: IIS5 Integrated Windows Authentication prompts password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 22 May 2003 15:18:35 +0200
Hi Nick....
Let me give you a piece of advice:
Set your "Reset account lockout counter after" to 5 minute
Set your "Account lockout duration" to 5 minutes
So if someone is trying to force your pssword, he'll give up soon...
and your user will be able to reconnect only after 5 minutes...
Don't forget to tell this to your user..
-- http://eu.webmatrixhosting.net/ioprogrammo/index.html <><--------------------------------------------------<>< Dr. Sergio De Chiara Microsoft Certified System Administrator Microsoft Cerified FAN Mobile: +393403429586 E-mail: sergio_de_chiara@yahoo.it Web Site: http://www.windowserver.it ( wil open soon... ) <><--------------------------------------------------<>< "Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message news:uBWfFzBIDHA.3604@tk2msftngp13.phx.gbl... > Start auditing for failed logon attempts. > > The message below indicates that the account has *already* been locked out, > hence it is failing additional attempts to login. Account lockout indicates > that someone, somewhere is attempting to logon to the user account and > failing the password. Make sure that it isn't someone else attempting to > guess this person's password... > > Cheers > Ken > > "Nick Miron" <nicolas.miron@cgi.com> wrote in message > news:6a4c3d36.0305211128.33b3cdd6@posting.google.com... > : Turns out there is an event in the Security log: > : > : Event Type: Failure Audit > : Event Source: Security > : Event Category: Logon/Logoff > : Event ID: 539 > : Date: 5/20/2003 > : Time: 10:19:55 AM > : User: NT AUTHORITY\SYSTEM > : Computer: DM1CT3 > : Description: > : Logon Failure: > : Reason: Account locked out > : User Name: murroach > : Domain: BELL > : Logon Type: 3 > : Logon Process: NtLmSsp > : Authentication Package: NTLM > : Workstation Name: ATRC47 > : > : For more information, see Help and Support Center at > : http://go.microsoft.com/fwlink/events.asp. > : > : Also, since it's always the same 3-4 users getting the problem, I'm > : thinking it's somehow related to their NT account. If it were an > : intermittent problem with the IIS server, random users would be having > : the problem - but hta'ts not the case - it's always the same 3 or 4 > : who are getting prompted once in a while. > : > : I looked at the NT account difference between one who's getting > : prompted, and one who never did, and I couldn't see anything > : different... > : > : > : > : "Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message > news:<#HJNiH0HDHA.2204@TK2MSFTNGP11.phx.gbl>... > : > Is there anything in the Windows Event Log? (eg Logon Failure with > : > appropriate Event ID and message?) > : > > : > Maybe you are running out of licences, or there is something other > problem, > : > which may become clearer is there is something being logged to the Event > : > Log. > : > > : > Cheers > : > Ken > >
- Next message: Alessandro Perilli: "Re: What Happening"
- Previous message: Sergio De Chiara: "Re: User anmelde problem"
- In reply to: Ken Schaefer: "Re: IIS5 Integrated Windows Authentication prompts password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
