Solved

AD authentication

Posted on 2009-04-14
10
312 Views
Last Modified: 2013-12-05
Hi can someone give me information on AD authentication. I had a question on if a user logs into the network how many times does it authenticate to AD? Does it do it just once on login or everytime it tries to hit a network resource? Also if I want to check authentication success\failures, all of this information is in the event viewer of the DC correct? In the eventviewer when the user section is system, does that mean its just a service on the computer requesting AD authentication? Thanks
0
Comment
Question by:Thomas N
  • 5
  • 4
10 Comments
 
LVL 6

Expert Comment

by:ngailfus
ID: 24140841
I believe each time a user tries to access a network resource they authenticate with the DC.  We occasionally have a user who ignores the password expiration warnings, never logs off and then complains how they can't print or access their files anymore.
0
 

Author Comment

by:Thomas N
ID: 24141059
Would you by chance have a link explaining the authentication process for AD? Possibly troubleshooting too? Thanks
0
 
LVL 18

Expert Comment

by:Americom
ID: 24141633
Authentication including when users logon to a machine, map a drive, start a service, UNC to a share, run admin tool, rdp, etc....

When you enable auditing on your DCs, these events shows up in the security event logs:
http://support.microsoft.com/kb/299475

Both computer and user account authentication are logged on the security log.
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 

Author Comment

by:Thomas N
ID: 24141716
Thanks Americom:Sorry I forgot to say I have Windows 2003 server. The event id's are in there 600's. I tried to do a search for Windows 2000 Security Event Descriptions but could not find anything. Any chance you would have a link for that one?
0
 
LVL 18

Expert Comment

by:Americom
ID: 24141812
The link provided above has two parts. You should see the link there, look for part 2 of 2 for the 600s.
0
 
LVL 18

Expert Comment

by:Americom
ID: 24141815
0
 

Author Comment

by:Thomas N
ID: 24141903
ah got it thanks. So if a user logs into a workstation and they access a network resource, it authenticates to the dc and will show up in the eventviewer everytime?
0
 

Author Comment

by:Thomas N
ID: 24142030
Also one last question , we have 3 dc's. Is it possible to for a users computer to timeout during authentication and if so is there a way for us to determine when\if a user had timed out?
0
 
LVL 18

Expert Comment

by:Americom
ID: 24142055
Yes, as long as you use a valid domain account, it will show up in the DC security event log.
0
 
LVL 18

Accepted Solution

by:
Americom earned 500 total points
ID: 24142092
Very unlikely. If you have all three DCs and without and AD site creation and only the default AD site exist, user can authenticate by any DC available. If you have AD site create, user will authenticate to the DC that is on the same assigned AD site as the user's PC. If that DC is not available, then the user will be authenticated by other AD Site DCs. So, it is very unlikely that the time out will show up in any DC, it will show up in the local PC's event log but not the DC. If the authentication request reached the DC, it will recorded in the DC. Hope this help.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question