Documente Academic
Documente Profesional
Documente Cultură
Commissioned by:
Brought to you by
Speaker
Isaac Thompson Director of Engineering and Training
2009 Monterey Technology Group Inc.
Logons
2 kinds of accounts
Local computer SAM AD domain accounts
Logons
2 kinds of logons
Interactive Network (aka remote)
Drive mapping
Network logon
Domain
Local SAM
Authentication
Computer that checks the accounts credentials
Different computers
User logging onto workstation or member ith domain account i t server with d
Logon events
Authentication events
2004-2006 Monterey Technology Group Inc.
10
11
Domain accounts
Each domain controller
Local accounts
Each workstation and server
12
13
14
Interesting point
Logon/Logoff category on domain controller does not log failed logons occurring on workstations or member servers even though user is a domain account
Bottom Line
Bottom Line
Brought to you by
Speaker
Isaac Thompson Director of Engineering and Training
2009 Monterey Technology Group Inc.
EventTracker
slafferty@prismmicrosys.com www.prismmicrosys.com/ /
10