Re: Update Post Regarding Logon events after Trend 3.5 Upgrade
- From: "Jeff Teel" <jdteel@RMoveThis sugardog.com>
- Date: Tue, 20 Mar 2007 06:57:38 -0400
Thanks for asking Susan. I don't mind if you do. I checked this morning to
see if I've had new 529 Events in my Security log. There was one close to
the time I was applying Trends suggestion but I think it was shortly before
I completed. There have been none since that time from the .notaccount
user.
Thanks
Jeff
"Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@xxxxxxxxxxx>
wrote in message news:eO4yBkraHHA.5108@xxxxxxxxxxxxxxxxxxxxxxx
Mind if I blog this?
Jeff Teel wrote:
I contacted Trend about the Logon events that started after upgrading
from Trend 3.0 to 3.5 and here is their suggestion.
-------------------------------------------------------
Trend Response:
Question/concerns/Inquiry: getting Event ID:529
Solutions/Suggestions:
1. Open the C:\Program Files\Trend Micro\Security
Server\PCCSRV\Admin\Utility\TMVS folder.
2. Double-click TMVS.exe and click Settings.
3. Under the Product Query section, clear all the marked check boxes
except for the OfficeScan Corporate Edition/Security Server check box.
4. Click OK.
Please feel free to ask for further clarifications on this matter. We
would gladly continue to assist you.
However, if the issue is successfully resolved and if you have no other
concerns that you would like us to help you with, please reply to this
e-mail at the soonest so that we can close the case.
We are looking forward to your reply and hope that we may continue to
rely on your appreciated patronage.
------------------------------------------------------
I'm not sure why but the file TMVS.exe was not located in the same place
on my server as where Trend said to look. I did not have a folder named
Security Server on my server but the file TMVS.exe was available so I was
still able to perform the suggestion. It appears to have solved the
event errors in the Windows Event Log.
Thanks
Jeff
-----------------------------------------------------
Original Post
After doing an upgrade from CSM 3.0 to CSM 3.5 I've been seeing Logon
failures. What is Trend attempting to access using the .notaccount
username
that would cause these?
Thanks
Jeff
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date: 3/8/2007
Time: 9:22:49 PM
User: NT AUTHORITY\SYSTEM
Computer: SBS
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: .notaccount.
Domain: network
Logon Type: 2
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name: SBS
Caller User Name: SBS$
Caller Domain: network
Caller Logon ID: (0x0,0x3E7)
Caller Process ID: 3024
Transited Services: -
Source Network Address: -
Source Port: -
.
- References:
- Update Post Regarding Logon events after Trend 3.5 Upgrade
- From: Jeff Teel
- Re: Update Post Regarding Logon events after Trend 3.5 Upgrade
- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
- Update Post Regarding Logon events after Trend 3.5 Upgrade
- Prev by Date: regarding outlook
- Next by Date: Re: More on backup options
- Previous by thread: Re: Update Post Regarding Logon events after Trend 3.5 Upgrade
- Next by thread: Re: sbs2003 and a member server
- Index(es):
Relevant Pages
|
