So we are using Rapid Recovery 6.3.0.5309
I'm getting a bunch of Audit Failures in the event log related to my admin account. I can't find where my account is used.
The Quest Rapid Recovery Agent is set to LogON with Local System account. I checked all of the settings in Rapid Recovery for the server but i can't find it.
Here is the event log entry:
An account failed to log on.
Subject:
Security ID: SYSTEM
Account Name: "Server Name"
Account Domain: "domain"
Logon ID: 0x3E7
Logon Type: 4
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: "my admin account"
Account Domain: "domain"
Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xC000006D
Sub Status: 0xC000006A
Process Information:
Caller Process ID: 0x9c8
Caller Process Name: C:\Program Files\AppRecovery\Agent\Agent.Service.exe
Network Information:
Workstation Name: "Server Name"
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0