Cindy, My initial thought on this, understanding the process, is that everyone is Anonymous when they first hit the server. A record of this 'anonymous' access is made, and the process continues where you actually identify yourself.
Clearly, this is going to be different if you are running a web server, where the access might be mostly anonymous, unless set to some manner of authentication (Windows, Basic, etc.) Now, for more detail, if you want to post some of the records that you're seeing (you should be able to follow the authentication trail via the ID's in the audit records) I can help you identify what is going on and what the anonymous access is all about. It would help to know what type of server this is, as well. Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rittenhouse, Cindy Sent: Monday, August 04, 2003 1:35 PM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Anonymous Logon I successfully upgraded my NT domain to AD yesterday. I now find my DC security log on the PDC emulator filling up twice a day. It is set to 2048 KB, do not overwrite (I have to save them for 3 years). The majority of events are Anonymous logons. Is it normal to have this quantity of Anonymous logons? Cynthia Rittenhouse MCSE,CCNA LAN Administrator County of Lancaster Lancaster, PA 17602 Phone: (717)293-7274 List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
