Security Audits - 2000 Server

Posted on 2004-11-18
Last Modified: 2010-04-11
I'm trying to learn how to read the Security Audits in Event Viewer on a SBS2000 server.
I need to know more about some messages I see often, and what I should be doing to resolve them. Here are the ones I need.

1. This one constantly shows up from different IPs...
Category: Account Logon
Event: 677
Type: Failure Audit

Service Ticket Request Failed:
       User Name:      
       User Domain:      
       Service Name:      krbtgt/OVATION.LOCAL
       Ticket Options:      0x2
       Failure Code:      0x20
       Client Address:

2. This one happens a lot as well...
Category: Account Logon
Event: 675
Type: Failure Audit

Pre-authentication failed:
       User Name:            jsmith
       User ID:             OVATION\jsmith
       Service Name:            krbtgt/OVATION
       Pre-Authentication Type:      0x2
       Failure Code:            0x18
       Client Address:  

^^ those are the main two that constantly show up...if I can get some help on exactly what's going on and how I can resolve the issue, I'll then post some more events in another question...thanks!
Question by:DVation191
    LVL 7

    Accepted Solution

    Have you been to They have a lot of free info on Windows events.

    For event 677 you can review comments at:

    For event 675 you can review comments at:
    LVL 20

    Author Comment

    if i am reading it correctly, those events are common and part of kerberos expiration. annoying. oh well, thanks.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Suggested Solutions

    Title # Comments Views Activity
    Malware 5 52
    Forest Trust  vs ADFS 4 109
    Sonicwall Security Service questions 2 38
    firefox and saved loggins 5 46
    By default, Carbonite Server Backup manages your encryption key for you using Advanced Encryption Standard (AES) 128-bit encryption. If you choose to manage your private encryption key, your backups will be encrypted using AES 256-bit encryption.
    Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now