HI All

First time user, straight out of Uni have absolutely NO idea! and yes I'm a girl. I'm finding in my event viewer under Secuirty lots and lots of these errors

Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 537
Date: 14/12/2005
Time: 8:36:38 a.m.
User: NT AUTHORITY\SYSTEM
Computer: SERVER02
Description:
Logon Failure:
Reason: An error occurred during logon
User Name:
Domain:
Logon Type: 3
Logon Process: Kerberos
Authentication Package: Kerberos
Workstation Name: -
Status code: 0xC000006D
Substatus code: 0xC0000133
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: 192.168.0.20
Source Port: 0


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

They are not always for the same source network address, but everything else is the same. Microsoft say to research it ...... hmmm. It's happening at all time of the day and night. Any thoughts would be greatly appreciated.

Weclome to BE, female or male no difference to us - it's a computing community - Main issue however, is the blondastheycom - that, male or female is often a warning of some sort !

On a more serious note, someone is trying to access that machine over the network and is failing password authenfication. Do you have files and printer sharing activated on that Server02 machine? If so, a user is trying to print or access some files but is not authorized to do so.

Keyword to focus or google for

Event ID: 537
Logon Type: 3
Authentification Package: Kerberos

I'm pleased to hear you dont' care whether I'm male or female. There are a lot of people out the that think Networking is for Males only. Blonde as they come is just a nick name that I've given myself..... blonde definately but stupid ..... definately not I completed my BIT (networking) at Bond University with a 3.7/4 GPA average and also while I was there got my CCNA certification with 98.5%. But for me that means absolutely nothing when you get out into the real world they definately don't teach you anything really substantial that you can use!

Thanks for your help.... greatly appreciated.
Reese :thumb:

Is Server02 a domain controller?

IP Scheme seems to be the "standard" for many home networking boxes, etc. Is this a production server in Business environment?

Yip sure is a DC. I've only been at this new job a week, still trying to sort out many problems.

Congrats on study results - one of my very good female friend, is a top networking architect at Cisco. So don't let the boys run you out, they probably are just to scare of competition.

Did some more digging, definetly points to authentification failure, incremented a number of time in hex count ( Status code: 0xC000006D) Seems your culprit is user 20 in your IP range..go check it out and smack the dude behind the head for having lost his password.
Beware it's more then likely the president who lost is yellow sticky with his password that was glued to the monitor screen.! Welcome to Corporate Network security - 101.

Thanks for the support much appreciated. I did a search on who had that IP address and yes you were right...... yellow sticky missing ........ was just throwing passwords at it hoping one of them was gonig to work!! I suppose you live and learn ..... I was expecting something more sinister ..... lesson 202 things are not as serious as they seem people who use computers are usually not computer literate.

I bow down to your superior knowledge :bow:

I bow down to your superior knowledge :bow:

Knowledge my dear is often just a google away, well + 30 years in the IT industry as it pertains to root cause of possible problems !:deviltail