nv-l
[Top] [All Lists]

[nv-l] Authentication failure traps from Windows clients

To: <nv-l@lists.us.ibm.com>
Subject: [nv-l] Authentication failure traps from Windows clients
From: "Glen Warn" <Glen.Warn@pemcocorp.com>
Date: Tue, 30 Aug 2005 11:39:50 -0700
Delivery-date: Tue, 30 Aug 2005 19:39:59 +0100
Envelope-to: nv-l-archive@lists.skills-1st.co.uk
Reply-to: nv-l@lists.us.ibm.com
Sender: owner-nv-l@lists.us.ibm.com
Thread-index: AcWtkjSEyYzJrmg1SWWJ3k/I2YKohg==
Thread-topic: Authentication failure traps from Windows clients
Running 7.1.4 FP3 on Redhat AS2.1
I am being bombarded with auth failure traps from some of my Windows 200x servers  (not even a majority).  Odd part is I can do a demand poll and run a sniffer trace at the same time.  I see the poll run successfully (using the appropriate RO community string) then the same server issue an auth failure trap back to Netview (I have all my servers set to do this so I can detect rogue queries)  None of my traces reveal any other boxes trying to run queries (what I had assumed in the beginning)
 
I think this has been happening for a long time (all along?) but just became aware of a big problem because I accidentally hidden from myself thru event configuration (setting to "Don't display or Log") that I used a long time ago to debug something but never reverted. 
 
Any ideas?  I have tried changing the comm strings to something basic, put in a host specific snmp config, etc.  The devices are scattered across 5 different companies and dozens of subnets.
 
In the mean time, I believe this flood of traps is severely hampering Netviews ability to process other traps (because there are so many coming in non-stop)
 
Glen Warn
PEMCO Corporation Computer Services (PCCS)
206-628-5770
 
<Prev in Thread] Current Thread [Next in Thread>

Archive operated by Skills 1st Ltd

See also: The NetView Web