Solved

Event ID 675 what service it belongs too?

Posted on 2011-03-07
3
366 Views
Last Modified: 2012-05-11
I keep getting Event ID 675 pre-authentication errors for the administrator account. I went to the server that the event appeared on to try and figure out what process or program was creating the event ID and wasn’t able to find it nor on the windows AD server either. I looked in the services to see if that account was being used for anything (services) and it wasn’t. So I guessed and turned the applications services off for a night and whaalaaa i guessed right. That’s basically the issue I had to guess. Is there anything I didn’t try that would have aided me to resolving this pre-authentication error particularly what service in was binds to?

**changed detail to protect the innocent***
Security Event ID# 675

Pre-authentication failed:
User Name: administrator
User ID: contoso\administrator
Service Name: krbtgt/contoso
Pre-Authentication Type: 0x2
Failure Code: 0x18
Client Address: x.x.x.x
0
Comment
Question by:Roodona
  • 2
3 Comments
 
LVL 4

Accepted Solution

by:
ChiefTechGuru earned 500 total points
ID: 35060206
For Event Viewer entries, using www.eventid.net is invaluable.  Just put in the event code (and the event source, optionally), and you'll get information from other people that have experienced similar issues.  Info for your particular event can be found here.
0
 

Author Comment

by:Roodona
ID: 35108421
Thank you for the link, thas helpful. However, the problem im having isnt why im getting the ID but the luck of information it provides as far as what process is using the administrator account and "failing to logon".
Like I said I went to the services area on the server and disabled anything running under the adminstrator account but that didnt seem to work.
0
 

Author Closing Comment

by:Roodona
ID: 35140839
My logs arent telling me what process keeps authenticating I know what the error is. The site recommendation was awsome though.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now