Event ID: 20187 Source: RemoteAccess

The users <domain name>\<user id> failed an authentication attempt due to the following reason:  The current configuration only supports local user accounts.
This event was caused by a problem with the profile in RRAS remote policies. I deleted and then recreated the policy, which recreated some of the default policies.
This error appears if you try to access a Win2K server running RRAS and the server is not a domain member (i.e. it's just a standalone in a workgroup). As indicated in one of the existing posts, the solution is in fact to use the server name in place of an actual domain name when attempting to log in. For example:
- Server is called: <server1>
- Workgroup is called: <workgroup1>.
When logging in remotely the user would enter the following credentials:
- User: <username>.
- Password: <password>.
- Domain: <server1>.
Leaving domain blank or setting it to <workgroup1> will cause authentication failures.
From a newsgroup post: "This event was caused by a SPACE character in the Domain box on my WinME system. I couldn't get rid of it from the DUN properties Security tab even after a successful logon, so the simple cure was to edit the registry HKEY_CURRENT_USER\RemoteAccess\Profile\<DUN name> and delete the "Domain" string."
From another post: "The solution is to enter the host computer name in the field marked "Domain" on the client computer password dialog."
