|
Posted by Roger Abell [MVP] on August 14, 2006, 10:22 am
Please log in for more thread options
> Hi,
>
> Windows Server 2003 Standard Edition SP1
>
> We continue to receive the following errors on our domain controllers
> (Security event log):
>
> Event Type: Failure Audit
> Event Source: Security
> Event Category: Logon/Logoff
> Event ID: 529
> Date: 8/6/2006
> Time: 9:32:38 AM
> User: NT AUTHORITY\SYSTEM
> Computer: OURDC
> Description:
> Logon Failure:
> Reason: Unknown user name or bad password
> User Name: db2admin
> Domain: Server A
> Logon Type: 3
> Logon Process: NtLmSsp
> Authentication Package: NTLM
> Workstation Name: Server A
> Caller User Name: -
> Caller Domain: -
> Caller Logon ID: -
> Caller Process ID: -
> Transited Services: -
> Source Network Address: Server A's IP
> Source Port: 1032
>
> Event Type: Failure Audit
> Event Source: Security
> Event Category: Account Logon
> Event ID: 680
> Date: 8/6/2006
> Time: 9:32:38 AM
> User: NT AUTHORITY\SYSTEM
> Computer: OURDC
> Description:
> Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
> Logon account: db2admin
> Source Workstation: Server A
> Error Code: 0xC0000064
>
> I think that error code means "the specified user does not exist".
>
> The errors appear on the domain controller anytime a particular service
> (Db2 Administration
> Server) is restarted. This service is run using a local admin account
> (db2admin). My question is this, is it *normal* behavior for services
> that are started with local accounts to attempt to authenticate to the
> DC first? Is this entirely dependent on the service? Have you seen
> similar behavior before?
>
> I'm trying to find out if it's uniquely a db2 issue.
>
> Thanks,
> Rob
>
No, that is not normal behavior.
It seems to indicate something misconfigured in the DB2 service or
mismatch with its prereqs, or in its design/implementation.
| 
XML Sitemap