UltimateWindowsSecurity.com Forum / Ultimate Windows Security Forum / Security Log / 627 - Change Password Attempt / Caller of 'NT AUTHORITY\anaonymous logon' or Computer Account / Latest PostsInstantForum.NET v4.1.4UltimateWindowsSecurity.com Forumhttp://forum.ultimatewindowssecurity.com/noreply@ultimatewindowssecurity.comThu, 17 May 2012 09:02:14 GMT20RE: Caller of 'NT AUTHORITY\anaonymous logon' or Computer Accounthttp://forum.ultimatewindowssecurity.com/Topic322-74-1.aspx627s by anonymous are nothing important. First 627 is where a user is trying to change their own password not an admin setting someone else's password (628). 627, internally are handled by Windows as a logon and that's why you are seeing anonymous.</P><P>627s by a computer account are no big deal. Each computer has it's own account in AD and it regularly has to change its own password like any other user.Wed, 10 Mar 2010 17:25:28 GMTRandyFranklinSmithCaller of 'NT AUTHORITY\anaonymous logon' or Computer Accounthttp://forum.ultimatewindowssecurity.com/Topic322-74-1.aspxI have a number of event 627s where the Caller is '<SPAN lang=EN>NT AUTHORITY\anonymous logon' ... What would generate these ???</SPAN></P><P><SPAN lang=EN>Also, for 627s where the Caller is a computer, can these safely be ignored as normal system operations ???</SPAN>Tue, 09 Mar 2010 16:18:31 GMTronbo