NTLM on Native Domain
From: Peter K. (pmkdatabase@yahoo.ca)
Date: 03/31/03
- Next message: ATK: "how secure logon scripts??"
- Previous message: Kwok Siang Kwang: "EAP-TLS"
- Next in thread: S. Pidgorny [MVP]: "Re: NTLM on Native Domain"
- Reply: S. Pidgorny [MVP]: "Re: NTLM on Native Domain"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Peter K. <pmkdatabase@yahoo.ca> Date: Mon, 31 Mar 2003 14:22:23 +0700
Hi,
I have a native W2K domain. My event log shows many attempted logons
every day as follows below. These are not from my users.
My understanding of this quote from the help system is that NTLM is
now disabled on my DCs.
"If you do not have a mixed-mode network, you can disable NTLM
authentication by switching to native mode at a domain controller"
Is this correct and therefore all NTLM authenticated logons are
doomed to failure no matter what the credentials?
Thanks very much - it is tough to find the answers to these questions
anywhere else but here...
Peter
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date: 3/30/2003
Time: 9:20:48 PM
User: NT AUTHORITY\SYSTEM
Computer: xxxx-01
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: Administrator
Domain: ITREX-98HIVYD31
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: ITREX-98HIVYD31
- Next message: ATK: "how secure logon scripts??"
- Previous message: Kwok Siang Kwang: "EAP-TLS"
- Next in thread: S. Pidgorny [MVP]: "Re: NTLM on Native Domain"
- Reply: S. Pidgorny [MVP]: "Re: NTLM on Native Domain"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
