2 Replies Latest reply: Jun 12, 2013 5:00 PM by garrett88
Christopher Mills2 Level 1 Level 1 (10 points)
I've had some Windows admins moaning at me because the Macs are generating a huge amount of network traffic at one of my sites. 16,000 entries in two days, to be precise!

It doesn't appear to make a difference if the users are logged in or not; these errors appear in the Security Log in AD:


Type: Failure Aud
Category: Account Logon
Event ID: 675
User: NT AUTHORITY/SYSTEM

Description

pre-authentication failed:
User Name: f-mac-011$
User ID: FLINDO\f-mac-011$
Service Name: krbtgt/FLINDO.INTERNAL
Pre-Auth Type: 0x2
Failure Code: 0x18
Client Address: 10.134.48.7


There is nothing abnormal about the way the Macs are functioning, aside from a few ups/down in the logs for the ethernet port. I have established that the account originally used for binding to AD has been disabled. Could this be the source of the problem? It's awkward to try and diagnose with no access to the Win Server and admins who automatically throw the blame at the Macs :/

Mac OS X (10.6.4)