Forum Discussion
Username failed to authenticate with clear text credentials using LDAP simple binds
ATA event shows that %Username% failed to authenticate with clear text credentials using LDAP simple binds on server servername. But, on the server I couldn't any process, service, task with %usernam...
EliOfek
Microsoft
MicrosoftToza62 The process tha tis doing so is probably not running locally on the DC, it's most likely on the source computer, was that the "Servername" you mentioned?
make sure we resolved it correctly, export the alert to excel and verify that we matched the IP to the correct machine name, to make sure you are looking on the correct machine.
If yes, try running netmon 3.4 on the machien to locate the process which invokes the LDAP failures.
if it happens that rapidly you might be able to spot if with a few minutes of capturing...
Yes, exactly. I have source IP address, I checked servers logs (especially security logs ), tasks, services.. etc., but I cannot find nothing with %username% credentials. I will try with netmon 3.4.
Thank you for help.
Thank you for help.
