admin authentication errors in win2k3 server / XP environment

From: David (NOSPAMDavidGerst_at_anti-spam.tempco.com)
Date: 08/16/04

• Next message: Ivan Brugiolo [MSFT]: "Re: W2K/WMI service (WinMgmt.exe) accessing an ODBC connection"
• Previous message: richlm: "AzMan Dynamic groups"
• Next in thread: Miha Pihler: "Re: admin authentication errors in win2k3 server / XP environment"
• Reply: Miha Pihler: "Re: admin authentication errors in win2k3 server / XP environment"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 16 Aug 2004 10:44:07 -0500

I have a problem can't seem to figure out. I am an admin, and I'm having
some security issues with the our exchange 2003 server only. I have no
problems with our Primary Domain Controller (w2k3 std) or our gateway server
running ISA 2004 (w2k3 Std).

>From my XP workstation, if i try to remotely manage the Exchange server (via
right click 'my computer'->manage->Action->connect to another computer) the
mmc console comes up but if I try to review the event logs, or access the
services list, or anything for that matter... I get an access denied error.
If I remote desktop into the exchange server or login at the machine, I have
no problems at all. I can view the event log, I can go into the services, I
can edit the active directory... whatever I want. Also, I have noticed on
my workstation that my Office XP Outlook client is affected. when I start
Outlook, it prompts me for my password which I believe it shouldn't do
because it should be using the integrated user password. Also, if I hit the
send/receive button on outlook, the exchange server records some security
failed events with my username/account... but, I don't get any error from
within Outlook. Also, I am sending and receiving email just fine. I
haven't encountered anything like this before and any help is greatly
appreciated!

Oh, and attached are sample event logs with username/domain removed.

Logon Failure:
  Reason: Unknown user name or bad password
  User Name: myusername
  Domain: mydomain
  Logon Type: 4
  Logon Process: Advapi
  Authentication Package: Negotiate
  Workstation Name: EXCHANGE
  Caller User Name: EXCHANGE$
  Caller Domain: mydomain
  Caller Logon ID: (0x0,0x3E7)
  Caller Process ID: 980
  Transited Services: -
  Source Network Address: -
  Source Port: -

For more information, see Help and Support Center at

Logon Failure:
  Reason: Unknown user name or bad password
  User Name: myusername
  Domain: mydomain
  Logon Type: 3
  Logon Process: NtLmSsp
  Authentication Package: NTLM
  Workstation Name: myPc
  Caller User Name: -
  Caller Domain: -
  Caller Logon ID: -
  Caller Process ID: -
  Transited Services: -
  Source Network Address: 172.16.0.126
  Source Port: 1986

---

• Next message: Ivan Brugiolo [MSFT]: "Re: W2K/WMI service (WinMgmt.exe) accessing an ODBC connection"
• Previous message: richlm: "AzMan Dynamic groups"
• Next in thread: Miha Pihler: "Re: admin authentication errors in win2k3 server / XP environment"
• Reply: Miha Pihler: "Re: admin authentication errors in win2k3 server / XP environment"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)