Security Failure Audit Account Logon Event ID 675

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Kashif <Kashif@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Sun, 31 May 2009 15:25:01 -0700

I'm sorry for posting this here, I couldn't locate the proper group to post it.
My Primary Domain controller is Filling this Failure Audit EVENT" every few
minutes.
Source: Security
Event ID 675
NT AUTHORITY\SYSTEM
Computer DC!
Pre-authentication Failed:
User Name: Administrator
User ID: MyDomain\administrator
Service Name krbtgt/Mydomain
Pre-authentication type: 0x2
Failure code: 0x18
Client address 127.0.0.1

I checked for krbtgt Built in account and found it disable.
I tried to enable this account but Windows gave me error.
"Windows cannot enable object krbtgt because:
cannot perform this operation on built-in accounts.

Please help .....

.

Follow-Ups:
- Re: Security Failure Audit Account Logon Event ID 675
  - From: Paul Bergson [MVP-DS]

Prev by Date: Re: User GPO not re-applying
Next by Date: GPO deleted by mistake need help
Previous by thread: Re: MMC 40000015
Next by thread: Re: Security Failure Audit Account Logon Event ID 675
Index(es):
- Date
- Thread

Relevant Pages

Re: Security Failure Audit Account Logon Event ID 675
... MVP - Directory Services ... I checked for krbtgt Built in account and found it disable. ... I tried to enable this account but Windows gave me error. ...
(microsoft.public.windows.server.active_directory)
Re: Kerberos Ticket User
... The link below and a paste from it explains more about the krbtgt. ... The krbtgt account is created automatically when a Windows 2000 ... I don't offhand know the answer to your Proxy 2.0 dilemma. ... > way I can think to make that happen is for the Kerberos ticket ...
(microsoft.public.windows.server.security)
Blank passwords, TsInternetUser added to Administrators
... recently been "hacked" by the attacker adding TsInternetUser into the ... using the TsInternetUser account. ... What I don't understand is why some installs I've seen feature blank ... as well as a blank password for the krbtgt account on my test AD ...
(Focus-Microsoft)
Re: Reset password on krbtgt account?
... I am a bit disturbed if the krbtgt password is supposed to be changed ... our 'krbtgt' account is displaying as Disabled in our Child Domain. ... > that password is used to derive secret keys for kerberos. ... >> We noticed that in our Child Domain (part of an Active Directory Forest), ...
(microsoft.public.windows.server.security)