Solved

Recurring Security Error Log

Posted on 2009-04-13
9
480 Views
Last Modified: 2013-12-12
Has anyone experienced repeated security logs like the one below?  I have scanned for virus, etc.  The particular computer being reported in the log is my domain controller server and the user name and id is actually a NAS unit.

Event Type:      Failure Audit
Event Source:      Security
Event Category:      Account Logon
Event ID:      675
Date:            4/13/2009
Time:            6:51:34 AM
User:            NT AUTHORITY\SYSTEM
Computer:      DC
Description:
Pre-authentication failed:
       User Name:      tera_server$
       User ID:            PD\tera_server$
       Service Name:      krbtgt/PD.VIDALIAGA.COM
       Pre-Authentication Type:      0x0
       Failure Code:      0x19
       Client Address:      192.168.1.135


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
Comment
Question by:carolinasgirl28
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24132723
read here
http://www.ultimatewindowssecurity.com/securitylog/event.aspx?eventID=675 
"Most events generated by computer accounts are safe to ignore."
0
 

Author Comment

by:carolinasgirl28
ID: 24132766
My only concern with this, is that, for some reason I don't under stand, when the security log fills up, my clients can't log in to their computers until I go in as admin and clear the log.  It's like even though there is no user logging into the nas unit, it is generating these logs and it affects everyone on the network.  Any ideas on how to correct this?
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24132836
Have you checked the time synch?
or tried to reset the computer account password?
0
Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24132863
0
 

Author Comment

by:carolinasgirl28
ID: 24139636
Welllll, thanks for the links.  I have checked the time.  The NAS was an hour off so I fixed that.  Still getting the event errors though.  Looked at the other link....(big sigh).  

The users on my network are still filling up with event logs and I have to continually log in as the admin and clear them out before anyone else can log on.  I did notice that the local computer logs are different from that of the server.  The local computer logs give the error "The windows firewall has detected an application listening for incoming traffic"  

I have set all policies to not report any events temporarily to see if that would help.  Has not.

Anything else up your sleeve?
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24139768
DId you try resetting the machine account password?
http://support.microsoft.com/kb/325850
Did you set the DONT_REQ_PREAUTH flag ?
You could also increase the log size and have it overwrite as needed
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24139905
Check the dns settings on the NAS unit
 
and you may also want to...
 
How to force Kerberos to use TCP instead of UDP in Windows
0
 

Author Comment

by:carolinasgirl28
ID: 24185483
Well.  Turns out we have been hit with the conficker.  Have cleaned the network, usb drives, etc....thing just keeps popping back up.
0
 

Accepted Solution

by:
carolinasgirl28 earned 0 total points
ID: 24450500
Removed the conficker virus and the errors quit.
0

Featured Post

Increase your protection from Zero Day threats!

Running two Antivirus' is never a good idea.
Taking advantage of Multiple Security layers on the other hand can often save your hide.
See which top notch security software brands have been proven to happily coexist together.
Reduce your chances of becoming a statistic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Need help with software deployments 3 89
What program can open a .sig file image? 6 111
moto 4g plus phone lockout time 4 65
NAS ISCSI Sharing 8 87
In our personal lives, we have well-designed consumer apps to delight us and make even the most complex transactions simple. Many enterprise applications, however, are a bit behind the times. For an enterprise app to be successful in today's tech wo…
This article was originally published on Monitis Blog, you can check it here . If you have responsibility for software in production, I bet you’d like to know more about it. I don’t mean that you’d like an extra peek into the bowels of the sourc…
The viewer will learn how to set up a document for the web and print and the recommended PPI for printing.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question