I'm hoping this is the right section but this problem has been proving somewhat aggravating. We have multiple, seperate domains that we have need to monitor. We have several tools using WMI to monitor server statistics, but we've noticed that if the monitoring machine is in a different domain than the target machine it creates a pair of security audit failure entries in the event log. The WMI tools are set to use appropriate domain credentials for each server and succeed in retrieving the requested information; it is clearly using the "good" credentials along with the "bad" ones. Is there anyway to get devices from two domains to talk to each other without creating these events aside from creating seperate monitoring systems within each domain? Event Type: Failure Audit Event Source: Security Event Category: Account Logon Event ID: 680 Date: 1/3/2012 Time: 10:31:44 AM User: NT AUTHORITY\SYSTEM Computer: Servername Description: Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon account: Username Source Workstation: Machinename Error Code: 0xC0000064 Event Type: Failure Audit Event Source: Security Event Category: Logon/Logoff Event ID: 529 Date: 1/3/2012 Time: 10:31:44 AM User: NT AUTHORITY\SYSTEM Computer: Servername Description: Logon Failure: Reason: Unknown user name or bad password User Name: Username Domain: Machinename Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: Machinename Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: IP Address Source Port: 56345

Hi, If your server is running Windows Server 2003, please first apply this hotfix: Authentication of trusted users fails on a Windows Server 2003-based server if the UPN format is used and if the value of the LmCompatibilityLevel entry is equal to or larger than 3 http://support.microsoft.com/kb/947861/en-us Hope it helps. Regards, Bruce

Hi, If your server is running Windows Server 2003, please first apply this hotfix: Authentication of trusted users fails on a Windows Server 2003-based server if the UPN format is used and if the value of the LmCompatibilityLevel entry is equal to or larger than 3 http://support.microsoft.com/kb/947861/en-us Hope it helps. Regards, Bruce