Event ID: 529 Logon Failure Reason: Unknown user name or bad password. User Name: 1A Domain: Joejj21~Bcd Logon...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Type: 2 logon Process: Authentication Package: Negotiate Workstation Name: XPSystem
It appears to me that the domain user is logging on to this system and typing the password together with the username.
I am puzzled as to why I would see "Joejj21~Bcd" in the Domain field instead of our domain name. Is someone trying to access another domain or is this a bug in Microsoft?
I also see Event ID 537 with the same User Name: 1A and Domain: Joejj21~Bcd when Event ID 529 occurred in the security log.
Dig Deeper on Endpoint security management tools
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.