I'd really appreciate some help with this as I'm struggling to get this resolved.
Everyday on the SBS2003 report I receive approx 3000 critical errors in the security log with the following:
Reason: Unknown user name or bad password
User Name: IUSR_SERVER
Logon Type: 8
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name: SERVER
Caller User Name: NETWORK SERVICE
Caller Domain: NT AUTHORITY
Caller Logon ID: (0x0,0x3E4)
Caller Process ID: 17640
Transited Services: -
Source Network Address: -
Source Port: -
The process ID relates to the w3wp.exe service which is running under the Network Service account.
I've reset the username/password as per the instructions here: http://www.howtonetworking.com/Internet/resetpassword.htm
and while this fixes it for a few hours, it returns the next day.
Whilst these errors are occuring, I get several login prompts when browsing the RWW - I understand this is because the anonymous access is not working when the IUSR_Server account has a bad password.
Does anybody have any ideas as to how I can fix this please?