Event ID - 1102

Event Id1102
SourceMSExchangeOMA
DescriptionUser tried to access the session belonging to ; request was denied.
Event InformationAccording to Microsoft :
CAUSE :
This event indicates that an attempt was made to use a different set of credentials against a session ID that was captured using a Packet Sniffing application such as Network Monitor.

SOLUTION :
Check the event log for the offending user's name. Investigate whether this was an accident or a malicious attack.
Reference LinksEvent ID: 1102 Of Source ID:MSExchangeOMA

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh