Greetings I'm trying to track down a problem logging into a Windows Server 2008 Standard 32 bit SP2. The problem is that from time to time, which *appears* to be at certain times of the day, we cannot connect with remote desktop. The server functions fine during these periods - it is a public facing webserver - we can connect remotely using SQL Server Management Studio Express, but not with remote desktop. When trying to connect, I can see "securing remote connection" then "configuring remote connection" but then it just comes back after a minute or so with "this computer cannot connect to the remote computer". In the server logs, I can see the following in the security logs, though *not* at the times when we are trying to connect: An account failed to log on. Subject: Security ID: SYSTEM Account Name: xxxx$ Account Domain: WORKGROUP Logon ID: 0x3e7 Logon Type: 10 Account For Which Logon Failed: Security ID: NULL SID Account Name: administrator Account Domain: xxxx Failure Information: Failure Reason: Unknown user name or bad password. Status: 0xc000006d Sub Status: 0xc0000064 Process Information: Caller Process ID: 0x1bc Caller Process Name: C:\Windows\System32\winlogon.exe Network Information: Workstation Name: xxxx Source Network Address: 0.0.0.0 Source Port: 0 And others similar, but with the following network info Network Information: Workstation Name: xxxx Source Network Address: 58.221.254.239 Source Port: 4336 note: xxxx above is the name of server computer name however please further note that our Administrator account was renamed. From the IP address the second one above seems to be some kind of hack attempt, perhaps ? But why is the Workstation Name the server computer name ? Also, around the times that we try to connect, there are these audit failures: An account failed to log on. Subject: Security ID: NULL SID Account Name: - Account Domain: - Logon ID: 0x0 Logon Type: 3 Account For Which Logon Failed: Security ID: NULL SID Account Name: abcd Account Domain: xxxx Failure Information: Failure Reason: Unknown user name or bad password. Status: 0xc000006d Sub Status: 0xc0000064 Process Information: Caller Process ID: 0x0 Caller Process Name: - Network Information: Workstation Name: efgh Source Network Address: - Source Port: - Now, this last failure seems to be generated when one of the failed connections with remote desktop occur since the Workstation Name is the computer name of the laptop I can trying to connect from - but the account name is wrong - abcd is the name that the Administrator account was renamed to a few weeks ago, but no longer, which is very odd, because when we attemp to connect with remote desktop we definitely specify the correct (current) account name. Moreover, these events are not generated for each connection attempt *and* we don't *ever* change anything on the laptop - we just keep retrying after an hour or so and eventually we can connect. We think the problem only occurs during the same 6 (approx) hours of each day. The laptop is running windows 7 and running remote desktop 6.1.7600 Any comment or advice would be most welcome. Thanks RL

Any help or advice would be appreciated.