Domain administrator with several failed authentication attempts on DC

Rodrigo Catarino 0 Reputation points


We have the "administrator" domain account disabled as the best practice says.

I have 200k+ daily failed login attempts from that user from my domain controller to the same machine.

The logon service attempt is from krbtgt/MYDOMAIN but as the account is disabled the authentication fails.

How can i validate/correct this?

Kind regards,

Rodrigo Catarino

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,600 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,214 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Anonymous

    Do you have a screenshot?

  2. Anonymous

    There may be a better method.

    --please don't forget to upvote and Accept as answer if the reply is helpful--