Tom's Hardware > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > getting knocked off the 2003 active directory

getting knocked off the 2003 active directory

Forum Windows 2000/NT : Windows 2000/NT General Discussion - getting knocked off the 2003 active directory

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Anonymous   08-04-2005 at 08:44:36 PM

Archived from groups: microsoft.public.win2000.active_directory (More info?)

 

we are on a active directory(2003). I am on a XP pro pc here.
I am getting locked out of the network while using this pc.

I see some of this in the event viewer:

Event Type: Failure Audit
Event Source: Security
Event Category: Detailed Tracking
Event ID: 861
Description:
The Windows Firewall has detected an application listening for incoming
traffic.

Name: -
Path: C:\WINDOWS\UTLite.exe
Process identifier: 2172

I have the IE firewall shutoff.



Event Type: Failure Audit
Event Source: Security
Event Category: Detailed Tracking
Event ID: 861

The Windows Firewall has detected an application listening for incoming
traffic.

Name: -
Path: C:\WINDOWS\system32\lsass.exe
Process identifier: 600
User account: SYSTEM
User domain: NT AUTHORITY



Event Type: Warning

Event Source: LSASRV

Event Category: SPNEGO (Negotiator)

Event ID: 40960

Date: 08/04/2005

Time: 12:51:01 PM


Description:

The Security System detected an attempted downgrade attack for server
exchangeAB\etcetc. The failure code from authentication protocol
Kerberos was "The user account has been automatically locked because
too many invalid logon attempts or password change attempts have been
requested.

Description:

The Security System could not establish a secured connection with the
server exchangeAB\etcetc. No authentication protocol was available


I use a utility called CCleaner 2x a day or so. I have this set to
clean windows temp files as well. Is this an issue?

Or do I have an intrider?

thanks

Add a reply
Sponsored Links
Register or log in to remove.
Anonymous   08-06-2005 at 05:27:04 AM
- 0 +

Archived from groups: microsoft.public.win2000.active_directory (More info?)

 

JWA6,

Have you looked at this link:

http://www.eventid.net/display.asp [...] ty&phase=1

Does it help you any?

How about this link:

http://www.eventid.net/display.asp [...] rv&phase=1

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com



"jwa6" <jwagans@yahoo.com> wrote in message
news:1123191876.781731.269710@f14g2000cwb.googlegroups.com...
> we are on a active directory(2003). I am on a XP pro pc here.
> I am getting locked out of the network while using this pc.
>
> I see some of this in the event viewer:
>
> Event Type: Failure Audit
> Event Source: Security
> Event Category: Detailed Tracking
> Event ID: 861
> Description:
> The Windows Firewall has detected an application listening for incoming
> traffic.
>
> Name: -
> Path: C:\WINDOWS\UTLite.exe
> Process identifier: 2172
>
> I have the IE firewall shutoff.
>
>
>
> Event Type: Failure Audit
> Event Source: Security
> Event Category: Detailed Tracking
> Event ID: 861
>
> The Windows Firewall has detected an application listening for incoming
> traffic.
>
> Name: -
> Path: C:\WINDOWS\system32\lsass.exe
> Process identifier: 600
> User account: SYSTEM
> User domain: NT AUTHORITY
>
>
>
> Event Type: Warning
>
> Event Source: LSASRV
>
> Event Category: SPNEGO (Negotiator)
>
> Event ID: 40960
>
> Date: 08/04/2005
>
> Time: 12:51:01 PM
>
>
> Description:
>
> The Security System detected an attempted downgrade attack for server
> exchangeAB\etcetc. The failure code from authentication protocol
> Kerberos was "The user account has been automatically locked because
> too many invalid logon attempts or password change attempts have been
> requested.
>
> Description:
>
> The Security System could not establish a secured connection with the
> server exchangeAB\etcetc. No authentication protocol was available
>
>
> I use a utility called CCleaner 2x a day or so. I have this set to
> clean windows temp files as well. Is this an issue?
>
> Or do I have an intrider?
>
> thanks
>

Reply to Anonymous
Ask the community Add a reply
Tom's Hardware > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > getting knocked off the 2003 active directory
Go to:

There are 1187 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.287 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
Related Topics
See all relatives topics
They won a badge
Join us in greeting them
  • 01:00 vianescute won the Freshman badge
  • 01:00 meywd won the Freshman badge
  • 01:00 nayega won the Freshman badge
  • 01:00 gpfear won the Freshman badge
  • 01:00 Conrad925 won the Freshman badge
  • 01:00 skythra won the Freshman badge
  • 01:00 Ckaz won the Freshman badge
  • 01:00 james59 won the Uniformed badge
  • 01:00 snarl won the Uniformed badge
  • 01:00 patlabor44 won the Uniformed badge