Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Security Audits - 2000 Server

Posted on 2004-11-18
Medium Priority
Last Modified: 2010-04-11
I'm trying to learn how to read the Security Audits in Event Viewer on a SBS2000 server.
I need to know more about some messages I see often, and what I should be doing to resolve them. Here are the ones I need.

1. This one constantly shows up from different IPs...
Category: Account Logon
Event: 677
Type: Failure Audit

Service Ticket Request Failed:
       User Name:      
       User Domain:      
       Service Name:      krbtgt/OVATION.LOCAL
       Ticket Options:      0x2
       Failure Code:      0x20
       Client Address:

2. This one happens a lot as well...
Category: Account Logon
Event: 675
Type: Failure Audit

Pre-authentication failed:
       User Name:            jsmith
       User ID:             OVATION\jsmith
       Service Name:            krbtgt/OVATION
       Pre-Authentication Type:      0x2
       Failure Code:            0x18
       Client Address:  

^^ those are the main two that constantly show up...if I can get some help on exactly what's going on and how I can resolve the issue, I'll then post some more events in another question...thanks!
Question by:DVation191

Accepted Solution

jimwasson earned 1500 total points
ID: 12616998
Have you been to eventid.net? They have a lot of free info on Windows events.

For event 677 you can review comments at:

For event 675 you can review comments at:
LVL 20

Author Comment

ID: 12644369
if i am reading it correctly, those events are common and part of kerberos expiration. annoying. oh well, thanks.

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question