R
Reno Mardo
Guest
Windows Server 2008 R2
we've been experiencing a lot of 4776 with different account name being used. although i have all necessary auditing enabled, the problem is Windows is not providing the IP address of RDP connections.
so i found this link
and planning to implement. i would just like the feedback from the community on possible problems that might be encountered specially since it talks about disabling NTLM.
at the moment, i'm auditing NTLM incoming connections to my DC as a sort of taking note who/what uses them.
Continue reading...
we've been experiencing a lot of 4776 with different account name being used. although i have all necessary auditing enabled, the problem is Windows is not providing the IP address of RDP connections.
so i found this link
and planning to implement. i would just like the feedback from the community on possible problems that might be encountered specially since it talks about disabling NTLM.
at the moment, i'm auditing NTLM incoming connections to my DC as a sort of taking note who/what uses them.
Continue reading...