Noticed on first a Windows 2003 Server in the security event log domain users in our large city domain has users logging on and off continuously. Then I looked at my Windows XP PC event log and see the same. Why is it that a PC or Server would have this activity happening on all of its nodes? Is there something that should be addressed in the NT Domain configuration? If I don't need this to occur on a server acting as an appliance, do I shutdown the Net Logon service and just use the SAM for authentication?