Event ID 529

Tech-Archive recommends: Fix windows errors by optimizing your registry

Hello

Can anyone help?

We have a client which runs SBS2k3 and almost on every day blocks of either
50 to 100 or so, of the above events (see full details below), within a very
short space of time (minutes together) are recorded in the event logs.
Sometimes the Logon Type is different (eg 3), also the User Name can be
different such as "Webmaster" and the Caller Process ID can be different too.
I have had no luck searching for definite soultion and my client has a major
concern that they are being "hacked" and confidence in a Microsoft soultion
is waning very fast. I have read on various other sites that these messages
can be ignored. However, that's not very comforting to my client when we
can't track down the cause of the issue or to fully explain it, other than a
hack attempt. The client also moved site recently so the broadband packege
is all new, I was hoping this would resolve the problem, but it hasn't.

Does anyone know why or how to stop the events from occurring?

Many thanks

Here is full event detail:-

Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date: 06/01/2009
Time: 10:35:58
User: NT AUTHORITY\SYSTEM
Computer: <SERVER NAME>
Description:
Logon Failure:
Reason: Unknown user name or bad password
User Name: admin
Domain: <SERVER DOMAIN>
Logon Type: 8
Logon Process: IIS
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Workstation Name: <SERVER NAME>
Caller User Name: <SERVER NAME>$
Caller Domain: <SERVER DOMAIN>
Caller Logon ID: (0x0,0x3E7)
Caller Process ID: 2672
Transited Services: -
Source Network Address: -
Source Port: -


For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


BTW the MS Help and Support Center, unfortunately isn't very helpful or
supportive with this issue.



Andy
MBS

.

Relevant Pages

  • RE: Outlook does not find name in addess list - exchange
    ... For the client workstion's OS is a non-English version, ... contact the local CSS for support. ... Microsoft CSS Online Newsgroup Support ... Please check the RPC_Binding_Order registry value on the machine. ...
    (microsoft.public.windows.server.sbs)
  • Re: Two access points in same house
    ... disable the wireless client, wait a few minutes, turn on the wireless ... customers with lots of systems with identical SSID on each AP. ... Dlinks support people, they are the biggest asses I have ever tried to ... I recently had to ask for an unreleased firmware image from one ...
    (alt.internet.wireless)
  • Re: 64 bit C# trying to call a 32 bit CPP ATL Service
    ... the process space of the client application. ... HKEY_CLASSES_ROOT\CLSID registry key, ... We build a 64bit version of the ATL service, ... Microsoft Online Community Support ...
    (microsoft.public.vc.atl)
  • RE: SOAP .Net client wrapper questions
    ... Async operation with the webservice ... a common cause is the XML serialization ... pregenerate some XML serialization assembly for webservice client. ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.webservices)
  • RE: WCF Security Issue
    ... ** Is your WCF service designed to use domain ... both wsHttpbinding and netTcpBinding support message ... Then, for your WCF client, you can use the current logon user's credential ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet.security)