danfiggolf
asked on
Windows Security Event Log shows many type 3 logon/logoff from domain users
Noticed on first a Windows 2003 Server in the security event log domain users in our large city domain has users logging on and off continuously. Then I looked at my Windows XP PC event log and see the same. Why is it that a PC or Server would have this activity happening on all of its nodes? Is there something that should be addressed in the NT Domain configuration? If I don't need this to occur on a server acting as an appliance, do I shutdown the Net Logon service and just use the SAM for authentication?
Fridolin Mansmann
Error Events would be helpful, sometimes these kind of events are "normal" depending on the audit log level. Also provide some more information about OS, version etc.
ASKER
Event ID 538 and Event ID 540. This is a Windows 2003 Domain. The server is Windows 2003 and the clients are currently XP SP3. If you look at the log at any PC or Server in the domain they have all the domain user accounts logging in and logging off. Is this a browsing thing, where the users are not actually attempting to logon to the systems, but just a browsing functionality or incorrectly configured NT Domain?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
because I did not provide enough detail for the experts to understand the problem.