My system log, in just this past week, has 20,000 warning event id:2. Basically, it seems like after the user logs off, the computer is trying to authenticate to the IAS for wireless and is failing because of the policy we have setup.
We have it setup so that only users in the “wireless users” group can authenticate to IAS. I have one user, her computer tried to authenticate from 5PM Tuesday until 8AM Wednesday, literally every 14 seconds. Then at 8:01AM, when the user logged on, authentication was successful.
In the failed events, it will list the user as my company\D3hd334 which it the computer account. For the successful ones, it will say my company\JoeSmith, which is the user account.
So my question is two fold,
1) why are computer accounts trying to authenticate after the user logs off?
2) Is there a way to stop this besides adding the computer account to the wireless users group?
