Solved

Windows Security Event Log shows many type 3 logon/logoff from domain users

Posted on 2011-02-17
4
791 Views
Last Modified: 2012-05-11
Noticed on first a Windows 2003 Server in the security event log domain users in our large city domain has users logging on and off continuously.  Then I looked at my Windows XP PC event log and see the same.  Why is it that a PC or Server would have this activity happening on all of its nodes?  Is there something that should be addressed in the NT Domain configuration?  If I don't need this to occur on a server acting as an appliance, do I shutdown the Net Logon service and just use the SAM for authentication?
0
Comment
Question by:danfiggolf
  • 3
4 Comments
 
LVL 4

Expert Comment

by:mansmanf
ID: 34920347
Error Events would be helpful, sometimes these kind of events are "normal" depending on the audit log level. Also provide some more information about OS, version etc.
0
 

Author Comment

by:danfiggolf
ID: 34920830
Event ID 538 and Event ID 540.  This is a Windows 2003 Domain.  The server is Windows 2003 and the clients are currently XP SP3.  If you look at the log at any PC or Server in the domain they have all the domain user accounts logging in and logging off.  Is this a browsing thing, where the users are not actually attempting to logon to the systems, but just a browsing functionality or incorrectly configured NT Domain?
0
 

Accepted Solution

by:
danfiggolf earned 0 total points
ID: 34965976
QAKBOT was the problem.
0
 

Author Closing Comment

by:danfiggolf
ID: 34995568
because I did not provide enough detail for the experts to understand the problem.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Mapping Drives using Group policy preferences Are you still using old scripts to map your network drives if so this article will show you how to get away for old scripts and move toward Group Policy Preference for mapping them. First things f…
Resolve DNS query failed errors for Exchange
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now