Hello,
We are trying to find out how an account got locked on one of our servers. This is what we are finding in event viewer:
Logon Failure:
Reason: Unknown user name or bad password
User Name: scoreadm
Domain: REH-AS-025
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: REH-AS-025
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 172.20.10.138
Source Port: 0
Can some body please explain what each term means - like Logon Type, Domian, Logon Process etc?
Thanks
We are trying to find out how an account got locked on one of our servers. This is what we are finding in event viewer:
Logon Failure:
Reason: Unknown user name or bad password
User Name: scoreadm
Domain: REH-AS-025
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: REH-AS-025
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 172.20.10.138
Source Port: 0
Can some body please explain what each term means - like Logon Type, Domian, Logon Process etc?
Thanks