Sometimes in some of computers in my domain when I check their eventlog, I see some events about other users logon in their security log like below:
------------- Event Type: Success Audit Event Source: Security Event Category: Logon/Logoff Event ID: 538 Date: 2006/09/27 Time: 10:09:32 ?.? User: S-1-5-21-727744907-765012080-2873131892-1146 Computer: COMPUTER-25 Description: User Logoff: User Name: bahra-f Domain: itdomain Logon ID: (0x0,0x1F256B) Logon Type: 3 For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. -----------
That the Computer-25 is the name of computer and bahra-f is the username of other user in the domain that can't logon on this computer.
What's the meaning of this security message log?
In my domain everybody can logon just on her or his computer and all of them is Win XP pro sp2 and the domain OS is Win Server 2003 R2.
Now for some of users everyday the security log become full and they can't logon and I should clear their logs.
Could you please help me?