Re: source of Failure Audits is Default Web Site
- From: "G" <gregstigers+w@xxxxxxxxxxx>
- Date: Tue, 18 Mar 2008 10:33:26 -0400
Well, I'm posting because I don't understand what's wrong. If someone is
trying to crack the Admin account, whatever they are doing depends on having
the Default Web Site up and running on this member server, because stopping
that website stops these errors. I am guessing that the IUSR_SVR1 account
somehow tries to use NT AUTHORITY\SYSTEM, causing the Logon attempt by
MICROSOFT_AUTHENTICATION_PACKAGE_V1_0, whose Logon account is Administrator.
But maybe I'm misreading the Event Log.
Bottom line, I just want these websites to work, without filling the Event
Log on the DC.
________
Greg Stigers, MCSA
remember to vote for the answers you like
.
- Follow-Ups:
- Re: source of Failure Audits is Default Web Site
- From: David Wang
- Re: source of Failure Audits is Default Web Site
- References:
- source of Failure Audits is Default Web Site
- From: G
- Re: source of Failure Audits is Default Web Site
- From: David Wang
- source of Failure Audits is Default Web Site
- Prev by Date: Re: Discovering filenames when 'Directory browsing' disabled
- Next by Date: Re: Howto refresh IIS 6 Application pool identity credential info
- Previous by thread: Re: source of Failure Audits is Default Web Site
- Next by thread: Re: source of Failure Audits is Default Web Site
- Index(es):
Relevant Pages
|
