I have seen this before as well. I know that this sounds strange but could you detect a change in hair color of the icon? Grey hair representsan account that has been modified but replication has not yet been completed. A SID of 1008 at the end usually represents an account that us user defined. The group membership of the account is interesting. The "Network" group is a System related group that is self generated like the everyone group as well as the interactive group. I might be a little in left field but a sid ending in 1008 is the 7th account you created. You might want to run user2sid/sid2user to determine which acount it was. my 2 cents. kevin Dan Cuthbert wrote: > Is this machine part of a Domain? if so that is normally the domain acc > > * Mark Fagan (Mark.Faganat_private) Tapped away: > > While setting additional privileges on a Win2k webserver I noticed that > > certain privileges (logon as batch job, act as part of o/s, logon locally > > and network) were applied to a very strange account - > > *S-1-5-21-527237240-162531612-725345543-1008 which is not seen as a user > > account. Any ideas folks ? > > > > Mark Fagan > > TDA > > Esat Business > > 1 Grand Canal Quay > > Dublin 2, Ireland. > > E mark.faganat_private > > www.esatbusiness.com > > > > > > > > > > > > ************************************************************************ > > This email and any files transmitted with it are confidential and intended > > solely for the use of the individual or entity to whom they are addressed. > > If you have received this email in error please notify the system manager. > > > > http://www.esatbusiness.com > > > > Subscribe to the Esat Business Online Magazine: > > http://www.esatbusiness.com/news/subscribe.asp > > > > Subscribe to REALISE - the online magazine from BT Ignite: > > http://www.btignite.com/realise > > > > ************************************************************************ > > > > > > ---------------------------------------------------------------------------- > > This list is provided by the SecurityFocus ARIS analyzer service. > > For more information on this free incident handling, management > > and tracking system please see: http://aris.securityfocus.com > > > > Dan Cuthbert > Network Security Consultant > IdSec > Key fingerprint = 9BFB 60F1 1B46 F9F0 4E2C 84A6 8D04 E771 54A6 1116 > > ---------------------------------------------------------------------------- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com -- v/r Kevin Steiner MCT, MCSE, MCSA, MCDBA -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGP 6.5.8 mQENAzzM1coAtAEIAMqRBVu8bA/eEEcqGyFQ0pwuc22wvV5cpeE5LVcgjwXabdV1 A3pVzEAJsuGTrq77VcQTwusmCcZPErQXx0IQRyIrWRm0oukJsN7ZR3k5uv58F26G 8JUW2TYzBGmpb0EzR/LphNqG71958ZEvWaxS6Ks1FCyopU51MmF7daDJ89pXrCwY lXp2pojKFP+aqYZ+abGRXNyNrRhfsmmIo+Vl5jZ/5INPuWThI1J1wj8eyQiVeXAc V9ZuTKxWGPnRkWiuwLl3lEkQtDqcYcGM+FOgxfhMHb97jYF5kbFTmpLs4BRroqNp i6B4dMRZgGx1d/0jDpmQ0zkHR3akTv4W7qK4ogUABRG0JEtldmluIFQuIFN0ZWlu ZXIgPGtldmluQGt0c3RvbmUuY29tPokBFQMFEDzM1cpO/hbuoriiBQEBXn8H/iGw RBEq/tCJdm3BPq/Gf8vA3872QM3c9ri90NgP9Ixh//Mxp8F+57nsjp/2fcOQs3xl g9gwGENc4Q8iDJgnMF3vfyeI/VL/XZfHJqEfDAASU3SLJca4qC0NISMF4B7L8OrQ d86oGjUczBcofZQJEUhfvc3ztbNoPm4+xZKWDgtIrpiqdYGTMd5Vr3P0ImKQnpSm JVr8r3Cb5YZteRRsDNuTlGuOPIqIKyc10TH5r0g50j953oZbIlA2EtTOrLIqccHH r/kZrO9Y6Rl6lCLLW36QkUXAJWJGFIlb6n5fHUboUFdTPx+/S/BfV1LIQdanmn2v 8hlIbwRF7gqIQQDIFKY= =DD3g -----END PGP PUBLIC KEY BLOCK----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue May 28 2002 - 15:06:07 PDT