Issue Updates are failing and Security Event 529 is logged on the Domain Controller by local SophosSAU accounts.
Sophos product and version Sophos Anti-Virus for Windows 2000+
Operating system Microsoft Windows Server
HKLM\Software\Sophos\AutoUpdate\Service\ Download User=<DOMAIN>\<USER> with relevant password
Download User=<DOMAIN>\<USER> with relevant password
The following event is logged twice in the Security log in the domain controller:
Event Type: Failure Audit Event Source: Security Event Category: Logon/Logoff Event ID: 529 Date: date Time: time User: NT AUTHORITY\SYSTEM Computer: domain controller computer name Description: Logon Failure: Reason: Unknown user name or bad password User Name: Sophos_ALC_Service Domain: client computer name Logon Type: 3 Logon Process: KSecDD Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Workstation Name: client computer name For more information, see the Microsoft Help and Support Center at http://support.microsoft.com.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.