Hi, I am facing issues with a server where, every time I log on I am having to revert back to the domain to be able to logon. When I have logged on in the past it has always defaulted to the domain\administrator so I enter the password and I am straight in.
recently when I then go to RDP back in, first of all I am getting randomly kicked off and secondly its as if there is another account that someone else is logging on to.
I believe its not possible to have a local admin account on a DC but how do i check to see if someone is logging on to this server without authorisation, is there some logging software or a quick way to check logs etc?
I may just be being paranoid but when I last logged on there were some software that was open for auditing and I know I didn't open it and as far as I am aware or my client, nobody else has access..