What are these messages coming in contantly to my Windows Server 2003 domain controller

Windows Server 2003, all current updates installed

I am getting tons of these messages on my domain controller.

Event Type:      Success Audit
Event Source:      Security
Event Category:      Account Management
Event ID:      697
Date:            2/13/2007
Time:            6:34:18 PM
User:            AADATACOMPANY\SQLSERVER
Computer:      AADC2
Description:
Password Policy Checking API is called:
       Caller Username:      SQLSERVER
       Caller Domain:      AADATACOMPANY
       Caller Logon ID:      (0x0,0x11EB2)
       Caller Workstation:      127.0.0.1
       Provided User Name (unauthenticated):      -
       Status Code:      0x0


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

and this one too

Event Type:      Success Audit
Event Source:      Security
Event Category:      Directory Service Access
Event ID:      565
Date:            2/13/2007
Time:            6:34:18 PM
User:            AADATACOMPANY\SQLSERVER
Computer:      AADC2
Description:
Object Open:
       Object Server:      Security Account Manager
       Object Type:      SAM_DOMAIN
       Object Name:      DC=aadatacompany,DC=local
       Handle ID:      93911296
       Operation ID:      {0,148821960}
       Process ID:      664
       Process Name:      C:\WINDOWS\system32\lsass.exe
       Primary User Name:      AADC2$
       Primary Domain:      AADATACOMPANY
       Primary Logon ID:      (0x0,0x3E7)
       Client User Name:      SQLSERVER
       Client Domain:      AADATACOMPANY
       Client Logon ID:      (0x0,0x11EB2)
       Accesses:      DELETE
                  READ_CONTROL
                  WRITE_DAC
                  WRITE_OWNER
                  ReadPasswordParameters
                  ReadOtherParameters
                  WriteOtherParameters
                  CreateUser
                  CreateGlobalGroup
                  GetLocalGroupMembership
                  ListAccounts
                  
       Privileges:      -

       Properties:
---
      domain
DELETE
READ_CONTROL
WRITE_DAC
WRITE_OWNER
ReadPasswordParameters
ReadOtherParameters
WriteOtherParameters
CreateUser
CreateGlobalGroup
GetLocalGroupMembership
ListAccounts
            Domain Password & Lockout Policies
                  lockOutObservationWindow
                  lockoutDuration
                  lockoutThreshold
                  maxPwdAge
                  minPwdAge
                  minPwdLength
                  pwdHistoryLength
                  pwdProperties
            Other Domain Parameters (for use by SAM)
                  serverState
                  serverRole
                  modifiedCount
                  uASCompat
                  forceLogoff
                  domainReplica
                  oEMInformation
            Domain Administer Server

       Access Mask:      0


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

They are alternating and being logged at about 10 per second.

Is this a hacker trying to gain access to my server?  If so, what can I do about it?

Thanks,

ToddStart Free Trial