We help IT Professionals succeed at work.
Get Started

The domain controller attempted to validate the credentials for an account, Error 4776. listing domain Controller as Source Workstation

307 Views
Last Modified: 2017-11-06
I have been trying to track down an issue where one of our staff is getting locked out or their computer.  In checking the logs I usually can find the the logs with Error 4776 will tell me which workstation was being used to enter the wrong password, but for this individual the Domain Controller is listed as the source workstation.

AV - Alert - "1490362410" --> RID: "18105"; RL: "4"; RG: "windows,"; RC: "Windows audit failure event."; USER: "(no user)"; SRCIP: "None";
HOSTNAME: "(DC1) 192.168.xxx.xxx->WinEvtLog"; LOCATION: "(DC1) 192.168.xxx.xxx->WinEvtLog"; EVENT: "[INIT]2017 Mar 24 09:33:28 WinEvtLog:
Security: AUDIT_FAILURE(4776): Microsoft-Windows-Security-Auditing: (no user): no domain: DC1.Mydomain.com: The domain controller
attempted to validate the credentials for an account. Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon Account: firstname.lastname
Source Workstation: DC1 Error Code: 0xc000006a[END]";
Comment
Watch Question
This problem has been solved!
Unlock 1 Answer and 3 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE