
Repetitive security event 528 538...

Status
Not open for further replies.

vectorw16

Technical User
Jan 21, 2002
54
0
0
CA
I have a problem on my network or server!
My server is full of security events 528 & 538??? (Logon/logoff messages)

This is not a problem, but the problem is that sometimes I get 50 of them in 6 minutes... for the same USER...!

& I'm behind a router firewall!

I'm quite sure this is not normal, but where should I search?

+ I have workstations losing connection when they log on and leave their computer for a few minutes and come back to continue their work on the network... they need to relog to get access to the network drive again??

& some accounts are locking for no reason. I set the retry to 3, but the accounts are locking on accounts where you can't really miss the password! Like if someone is trying to log on from the internet to my server! I recently added the firewall to prevent that!

I need some help. I'm new in a company that before me had no antivirus for Exchange, no firewall, and was an open relay for spam! I'm working hard, but any tip or hint would be appreciated.

Thanks


 
I'm not sure if this is normal, but all 425 of my users log 1000's of these every day. Every resource that a user accesses on the server will generate two of these messages, one logon, one logoff.
 
Check your audit settings: you are likely auditing logon/logoff for both success and failure. Generally speaking, I only audit for failure on systems that see lots of traffic.
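
One way to triage the bursts discussed in this thread, as an added example that is not part of any poster's message: it counts 528 logons per user and workstation inside a six-minute window and pairs each 528 with its 538 by logon ID to show how long each session lasted. The CSV layout, user names, workstation names and the low threshold of 3 are constructed assumptions chosen to fit the small sample.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample export (not real log data). The column layout is an assumption:
# time, event id, user, logon id, logon type (2=interactive, 3=network), workstation.
SAMPLE = """\
2004-03-01 09:00:05,528,jsmith,0x1A01,3,WS-014
2004-03-01 09:00:06,538,jsmith,0x1A01,3,
2004-03-01 09:00:40,528,jsmith,0x1A02,3,WS-014
2004-03-01 09:00:41,538,jsmith,0x1A02,3,
2004-03-01 09:02:10,528,jsmith,0x1A03,3,WS-014
2004-03-01 09:02:12,538,jsmith,0x1A03,3,
2004-03-01 09:10:00,528,mlee,0x1B01,2,WS-022
2004-03-01 17:05:00,538,mlee,0x1B01,2,
"""

def parse(text):
    for t, eid, user, logon_id, ltype, ws in csv.reader(io.StringIO(text)):
        yield datetime.strptime(t, "%Y-%m-%d %H:%M:%S"), int(eid), user, logon_id, int(ltype), ws

def find_bursts(text, window=timedelta(minutes=6), threshold=3):
    """Return {(user, workstation, logon_type): peak 528 count in any window}."""
    recent, peaks = defaultdict(deque), {}
    for when, eid, user, _, ltype, ws in parse(text):
        if eid != 528:
            continue
        key = (user, ws, ltype)
        q = recent[key]
        q.append(when)
        while when - q[0] > window:      # drop logons older than the window
            q.popleft()
        if len(q) >= threshold:
            peaks[key] = max(peaks.get(key, 0), len(q))
    return peaks

def session_lengths(text):
    """Pair each 528 with the 538 carrying the same logon id; seconds per user."""
    opened, lengths = {}, defaultdict(list)
    for when, eid, user, logon_id, _, _ in parse(text):
        if eid == 528:
            opened[(user, logon_id)] = when
        elif eid == 538 and (user, logon_id) in opened:
            lengths[user].append((when - opened.pop((user, logon_id))).total_seconds())
    return dict(lengths)

if __name__ == "__main__":
    print(find_bursts(SAMPLE), session_lengths(SAMPLE))
```

A burst of one- or two-second sessions from the user's own workstation matches the resource-access pattern described in the reply above; the same count from a workstation the user does not normally use is the case to look at first.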
 