Tigger said:
We have a windows 2000 domain with windows XP Pro as clients. There are a
few clients that are not part of the domain. When these clients try to
browse the network, it generates a logon failure event log on all the domain
computers. Why does this happen?
Probably not due to the (initial) browsing per se, but
to the user selecting a server (expanding its share list)
or actually trying to logon or use those shares.
It does this because that is an attempt by the user to
authenticate in a domain in which they have no account,
or at least in which there computer has no account and
thus is in fact an authentication failure.
What can I do to prevent it from
generating that logon failure in the event log?n the event log?
You could turn off auditing, or write a program to extract the
event logs and ignore those from selected machines but probably
best would just to be for you to join all of the computers to the
domain, give everyone an an account in the domain, and then
remove any local accounts so they will be forced to use the
domain account.
You could also put the non-Domain machines in a workgroup
whose name does not match the domain, in that case the domain
should not show up in the browse list (each domain or workgroups
list is maintained separately and only a Domain Master Browser
swaps lists with other domains -- workgroups have no DMB.)