MonitorWare Knowledge Base

Your first source for knowledge

Skip to content

Unexplained Event 681 From WinXP Laptop Not Member of Domain

Discuss Windows Event Log events. What they mean, what they tell you about your machine's security ... and whatever questions else you have.

Moderator: alorbach

Post a reply

Unexplained Event 681 From WinXP Laptop Not Member of Domain

Postby Barry Gerber on Fri Apr 18, 2003 5:26 am

Is it possible that a Windows XP laptop connected to the network, but not part of a Windows 2000 domain could attempt to connect to workstations on the network spontaneously? The attempted connects use only the XP user id, which the sophisticated owner of this machine has to know would have no value on all these workstations. The user is a Windows system administrator and it just makes no sense that this person would consciously attempt to log in to workstations with a password that doesn't exist either on the workstation or on the domain. This person has been placed on administrative leave pending resolution of this and another security violation issue.

Help!
Barry Gerber
 
Top

Postby rgerhards on Tue Jun 24, 2003 11:51 am

Obviously too late for this post, BUT: I after some thinking, I guess that these were not intentional violationsm but automatic Windows logon tries. For example, if you (accidently) click on another workstation or server in Windows explorer, it tries to connect via guest first and if that fails via the currently logged-on user. In your case, this would be the laptop user.

HTH
Rainer
User avatar
rgerhards
Site Admin
 
Posts: 1282
Joined: Thu Feb 13, 2003 11:57 am
Top

Google Ads

Post a reply

Return to Windows Events

Who is online

Users browsing this forum: No registered users and 0 guests

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
phpBB SEO

Time : 0.022s | 13 Queries | GZIP : On
cron