DVation191
asked on
Security Audits - 2000 Server
I'm trying to learn how to read the Security Audits in Event Viewer on a SBS2000 server.
I need to know more about some messages I see often, and what I should be doing to resolve them. Here are the ones I need.
1. This one constantly shows up from different IPs...
--------------------------
Category: Account Logon
Event: 677
Type: Failure Audit
Service Ticket Request Failed:
User Name:
User Domain:
Service Name: krbtgt/OVATION.LOCAL
Ticket Options: 0x2
Failure Code: 0x20
Client Address: 192.168.40.79
2. This one happens a lot as well...
--------------------
Category: Account Logon
Event: 675
Type: Failure Audit
Pre-authentication failed:
User Name: jsmith
User ID: OVATION\jsmith
Service Name: krbtgt/OVATION
Pre-Authentication Type: 0x2
Failure Code: 0x18
Client Address: 192.168.40.79
^^ those are the main two that constantly show up...if I can get some help on exactly what's going on and how I can resolve the issue, I'll then post some more events in another question...thanks!
I need to know more about some messages I see often, and what I should be doing to resolve them. Here are the ones I need.
1. This one constantly shows up from different IPs...
--------------------------
Category: Account Logon
Event: 677
Type: Failure Audit
Service Ticket Request Failed:
User Name:
User Domain:
Service Name: krbtgt/OVATION.LOCAL
Ticket Options: 0x2
Failure Code: 0x20
Client Address: 192.168.40.79
2. This one happens a lot as well...
--------------------
Category: Account Logon
Event: 675
Type: Failure Audit
Pre-authentication failed:
User Name: jsmith
User ID: OVATION\jsmith
Service Name: krbtgt/OVATION
Pre-Authentication Type: 0x2
Failure Code: 0x18
Client Address: 192.168.40.79
^^ those are the main two that constantly show up...if I can get some help on exactly what's going on and how I can resolve the issue, I'll then post some more events in another question...thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER