-
Title
Multiple Audit Failure Event 4776, Microsoft Windows Security auditing -
Description
Multiple Informational Audit Failure Event 4776, Microsoft Windows Security auditing from Event Viewer pointing to the server where Reporter is installed.
-
Cause
Reporter attempts to validate credentials for Reports with "Null Password".
There are two versions of this attribute, "Null Password" and "Null Password with Agent".The null password attribute attempts to authenticate with the target account with no password, if this succeeds then the account has no password.
-
Resolution
Use a "Null Password with Agent" instead of "Null Password"
1.Deploy an Agent from the Configure utility to a Domain Controller. This agent will check the null password without attempting to authenticate as the user.
2.Check the Scheduled Collections to see if the null password Report is included and change them to Null Password with Agent