Event ID 529 after changing admin password: ISA 2004
Hello,Ever since I changed my admin password on my SBS 2003 server I've been receiving these event logs. They seem to only occur when the user is logged in and I also don't believe them to be someone trying to hack. When I changed the admin password I also updated all of the services that were using the admin password as well as SharePoint. On the client side I've checked the event log and I don't see anything that corresponse to the 529 on the SBS server. I also checked the client's scheduled tasks and that seems in order. I'm perplexed...any ideas? p.s. I recently discovered that I receive this anytime one of my clients accesses the internet via IE8. I also have ISA 2004 installed on the SBS 2003 server. I reinstalled the ISA client and I noticed that my clients were still able to access in internet...I thought that if ISA was implemented a client wouldn't be able to access the internet without going through the proxy and using the ISA client? Regardless something is definitely occuring when the client accesses the internet as the error below is presented immediate after in the SBS 2003 server's event log.Source Event ID Last Occurrence Total Occurrences Security 529 1/27/2010 4:33 PM 155 * Logon Failure: Reason: Unknown user name or bad password User Name: administrator Domain: DOMAINNAME Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: DESKTOP1 Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: - Source Port: -
February 24th, 2010 10:24am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics