Re: Event ID 538 Logon Type 3 NT AUTHORITY/ANONYMOUS LOGON
- From: joescat <joescat.2a8mu8@xxxxxxxxxxxx>
- Date: Fri, 30 Jun 2006 14:25:07 -0500
Thanks, that confirms my thinking, and results trying to pare down my
security event log.
I'm doing exactly that now - using EventComb to capture a particular
person's logon and logoff's. Unfortunately, even though I've cranked
up the size of the security log, it still doesn't go back very far due
to all the excess "chatter" by the anonymous logon events. I guess
I'll just have to live with it.
It would be undesirable to disabled NetBIOS , as it is very useful on
occasion to browse to this particular resource server.
I will play around with stopping the Browser service, but so far I
haven't seen it become the master browser - the NT PDC grabs that role
of course, and the BDC's and such snatch up what's left.
Wondering, I am running a WINS server on a separate box from this one.
If everyting is registered properly (a static WINS entry perhaps), could
there be a way to configure that to allow browsing to the resource
server, yet leave NetBIOS disabled?
--
joescat
------------------------------------------------------------------------
Posted via http://www.mcse.ms
------------------------------------------------------------------------
View this thread: http://www.mcse.ms/message1479326.html
.
- Follow-Ups:
- Re: Event ID 538 Logon Type 3 NT AUTHORITY/ANONYMOUS LOGON
- From: Steven L Umbach
- Re: Event ID 538 Logon Type 3 NT AUTHORITY/ANONYMOUS LOGON
- Next by Date: Re: Event ID 538 Logon Type 3 NT AUTHORITY/ANONYMOUS LOGON
- Next by thread: Re: Event ID 538 Logon Type 3 NT AUTHORITY/ANONYMOUS LOGON
- Index(es):
Relevant Pages
|
Loading
