Re: Help - RPC over http credential issue

From: "Fredrick A. Zilz" <fzilz@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 30 Jan 2006 09:26:18 -0800

In addition, I am showing the following errors in my DC event security log:

Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date: 1/30/2006
Time: 9:22:52 AM
User: NT AUTHORITY\SYSTEM
Computer: IH-AD01
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: IH-EXCHANGE02$
Domain: INTERHEALTH
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: IH-EXCHANGE02
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: -
Source Port: -

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event ID: 680
Date: 1/30/2006
Time: 9:22:52 AM
User: NT AUTHORITY\SYSTEM
Computer: IH-AD01
Description:
Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon account: IH-EXCHANGE02$
Source Workstation: IH-EXCHANGE02
Error Code: 0xC000006A

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

"Fredrick A. Zilz" <fzilz@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:%23HAUNCcJGHA.3896@xxxxxxxxxxxxxxxxxxxxxxx
>I run a single exchange server which is exposed to the internet for https
>traffic. Some of my clients accessing this server use rpc over https to
>connect their outlook 2003 clients to my exchange 2003 sp2 server. My
>windows server environment is windows 2003. RPC has been working for more
>than 6 months. Now as of Friday afternoon my clients accessing exchange
>via rpc continually are have requests for credentials. When entering the
>correct credentials, approximately one email comes through before a new
>prompt for credentials pops up. Cancel takes them to offline mode.
>Changing the client to connect without the rpc proxy allows them to connect
>and work correctly using the same credentials.
>
> Is it possible that a change on the permission set or security on my DC
> could be causing this, if so what would I look for.
>
> Thank you in advance for your assistance.
>

.

References:
- Help - RPC over http credential issue
  - From: Fredrick A. Zilz

Prev by Date: Help - RPC over http credential issue
Next by Date: Re: Exchange 2003 SP2 IMF trouble
Previous by thread: Help - RPC over http credential issue
Next by thread: Re: Help - RPC over http credential issue
Index(es):
- Date
- Thread

Relevant Pages

Rogue Workstation?
... I noticed the following entries in the Security log of one of my Windows ... Event Type: Failure Audit ... The logon to account: Administrator ...
(microsoft.public.windows.server.active_directory)
Re: Internet Explorer and Outlook Express problems after standby mode
... > Event Type: Failure Audit ... > Event Source: Security ... > Event Category: Account Logon ...
(microsoft.public.windowsxp.perform_maintain)
Re: Security failures
... I send a copy of the text to the security people who contact the person at the noted workstation and tell them not to run scripts or programs which check every machine on every domain in the world. ... Event Type: Failure Audit ... An unexpected error occurred during logon ...
(microsoft.public.win2000.general)
change administrator password
... the Security Event Viewer. ... Is there a procedure to follow when changing the administrator password, ... Event Type: Failure Audit ... Logon Failure: ...
(microsoft.public.win2000.security)
Re: Cant delegate/share to a group
... Try changing the Distribution group to a security group. ... The client operation failed". ... > Event Type: Success Audit ... > Successful Network Logon: ...
(microsoft.public.exchange2000.general)