I'm getting this error in the event viewer: "The account "name of acct" was unable to logon as its disabled." I'm also getting this error in the Security log: "Logon failure for same Account, logon process IIS Logon type is 2." I'm using Windows 2000 Service pack 4, IIS 5.0.
I tried searching for files (NTFS permissions), IIS virtual directories, and COM+ services where this account is given permission but could not find any. Can you please where else should I check for this account being used?
If you're asking where the requests are initiating from, check your IIS usage logs. Also, there may be a scheduled task or service that has been configured to use the account.
This was first published in January 2004