event ID 675
From: djc (noone_at_nowhere.com)
Date: 07/26/04
- Next message: Miha Pihler: "Re: Why Read Only folder on Server 2003?"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: Best Practices for NTFS Shares"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 26 Jul 2004 14:03:55 -0400
I get several of these events logged at my domain controller:
Source: Security
Category: Account Logon
Pre-authentication failed:
User Name: shamoo
User ID: mydomain\shamoo
Service Name: krbtgt/mydomain
Pre-Authentication Type: 0x2
Failure Code: 0x18
Client Address: 10.10.100.100
according to what I've found so far it means 'clients credentials have been
revoked'. That is straight from the Kerberos 5 RFC 1510 listing for error
code 18.
a couple ?'s:
1) why do they happen?
2) is there something wrong that I need to take action on?
3) I have noticed that some of the 'client address's' listed are 'the'
domain controller's address and some are actual client addresses? all other
things are the same?
- Next message: Miha Pihler: "Re: Why Read Only folder on Server 2003?"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: Best Practices for NTFS Shares"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
