Re: NTLM

From: Citimouse (citimousemeow_at_hotmail.com)
Date: 12/30/03 

Date: Tue, 30 Dec 2003 22:19:56 +0800

Hi,

Thanks for your reply. But the Win2K professional has been patch with the
latest Service Pack and all security hotfixes.

Any other ideas that I can try?

Thanks.

"Karin Galli [MS]" <i-kgbauz@online.microsoft.com> wrote in message
news:%23VJRfsszDHA.2928@TK2MSFTNGP09.phx.gbl...
> This article may be helpful:
>
> 289243 MS02-001: Forged SID Could Result in Elevated Privileges in Windows
> 2000
> http://support.microsoft.com/?id=289243
>
> Also, if you have trust with an NT domain and W2K machines are on this
> domain, check that the W2K stations have synchronized the time with the
W2K
> domain.
>
> --
> =====================================================
> When responding to posts, please "Reply to Group" via
> your newsreader so that others may learn and benefit
> from your issue.
> =====================================================
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
> "news.starhub.com.sg" <asd@asd.dd> wrote in message
> news:3ff0d65f$1@news.starhub.net.sg...
> > Hi All,
> >
> > It seems that I have a problem with NTLM in my Windows 2003. I tried to
> > access a program located in Windows 2003 server using my Win2K
> Professional.
> > When I tried to log into the application, it says "Access is Denied".
> >
> > In the Event Log, I found this error,
> >
> > Event Type: Failure Audit
> > Event Source: Security
> > Event Category: Logon/Logoff
> > Event ID: 537
> > Date: 30-Dec-03
> > Time: 2:58:53 PM
> > User: NT AUTHORITY\SYSTEM
> > Computer: OSAN
> > Description:
> > Logon Failure:
> > Reason: An error occurred during logon
> > User Name: wyc
> > Domain: AAF
> > Logon Type: 3
> > Logon Process: NtLmSsp
> > Authentication Package: NTLM
> > Workstation Name: HELP
> > Status code: 0xC000005E
> > Substatus code: 0x0
> > Caller User Name: -
> > Caller Domain: -
> > Caller Logon ID: -
> > Caller Process ID: -
> > Transited Services: -
> > Source Network Address: xx.xxx.xxx.xx
> > Source Port: 1496
> >
> > For more information, see Help and Support Center at
> > http://go.microsoft.com/fwlink/events.asp.
> >
> > I search for help in both MSKB and Windows 2003 Help file. In Windows
2003
> > server, I found this article,
> >
> > "You can configure this security setting by opening the appropriate
policy
> > and expanding the console tree as such: Computer Configuration\Windows
> > Settings\Security Settings\Local Policies\Security Options\"
> >
> > May I know where can I find it? Also, does anyone has experience this
> > before?
> >
> > Thanks in advance.
> >
> >
>
>

Relevant Pages

  • RE: Security update for windows XP (KB828741)
    ... Check your event log to see it the patch really installed or if it failed. ... Service Pack version ... Some patches require you be at a certain SP level. ...
    (microsoft.public.security)
  • Re: Task become milestone automatically when calendar is changed
    ... The problem does go away when a patch is applied. ... But the issue is that I have not been able to able to convince certain ... Vivek Gupta wrote: ... that has no service pack". ...
    (microsoft.public.project)
  • Re: HELP! My FPS is horrid - unplayable since last patch.
    ... seeing the blob pre the 3.0.2 patch. ... it appears that the system requirements has been ... WoW now requires Service Pack 3 for Windows XP, ...
    (alt.games.warcraft)
  • Re: Q329170 (MS02-070), Q327984 and slow logoffs
    ... Service Pack 4", the problem described by Chris Hill on 3/21/03 ... > security bulletin, your computer takes a long time to log off (up to ... > by a handle leak in shlwapi32.dll' whereas this patch does not exist ... Summer's Hottest Certification Just Got HOTTER! ...
    (NT-Bugtraq)
  • Re: DSO Exploit
    ... or any subsequent IE Cumulative Updates, or Service Pack 1, you're ... the makers of Spybot will soon fix this bug. ... 2002 Cumulative Patch for Internet Explorer ...
    (microsoft.public.windowsxp.security_admin)