[x]
Posted via EE Mobile

Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.
Question
[x]
Attachment Details

How to find process, service or device that is using wrong credentials

Asked by Toky76 in Windows 2000 Server, Windows 2000 Operating System, Network Auditing Software

Tags: How to find process, service or device that is using wrong credentials

Hello, according to this EventLog, I am searching for a way, how to find process, service or device that is using wrong credentials.

Failure Audit
Event Source:      Security
Event Category:      Logon/Logoff
Event ID:      529
Date:            02/11/2009
Time:            15:49:31
User:            NT AUTHORITY\SYSTEM
Computer:      ITMLARTPRD192
Description:
Logon Failure:
       Reason:            Unknown user name or bad password
       User Name:      USer2004
       Domain:            XXXX192
       Logon Type:      2
       Logon Process:      Advapi  
       Authentication Package:      MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
       Workstation Name:      XXXX192

I have search for all connections, mapped drives, scheduled tasks and nothing.

That is way I am asking you, EXPERTS, if there is a way how to find, what is using wrong credentials.
 
Related Solutions
Keywords: How to find process, service or devi…
Title
1 Event id; 529 MICROSOFT_AUTHE…
 
Loading Advertisement...
 
[+][-]11/02/09 08:09 AM, ID: 25720633Expert Comment

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]11/03/09 12:41 AM, ID: 25726992Author Comment

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
 
Loading Advertisement...
20091111-EE-VQP-89 - Hierarchy / EE_QW_3_20080625