| Event Id | 531 |
| Source | Security |
| Description | Logon Failure: Reason: Account currently disabled User Name: <User Name> Domain: <Domain Name> Logon Type: <Logon Type> Logon Process: <Logon Process> Authentication Package: <Authentication Package> Workstation Name: <Workstation Name> |
| Event Information | According to Microsoft : Cause : The logon attempt failed because the user account used to log on is currently disabled. This restriction is configured on the user account on the local computer or on the domain. Resolution : To resolve this issue,Follow these steps. 1.Click Start, click Run, type Dsa.msc, and then click OK. 2.Expand the domain and then click Users. 3.In the right pane, right-click the user account and enabled the user account. ---------------------------------------------------------- ----------------------------------- CAUSE : The IUSR_computer and IWAM_computer accounts must be turned on for IIS to function correctly. RESOLUTION : To resolve this issue, follow these steps: 1. Log on to your Web server as an administrator. 2. Start the User Manager for Domains program on Microsoft Windows NT 4.0 or the Computer Management snap-in on Microsoft Windows 2000 or Microsoft Windows XP. 3. View the properties for the IUSR_computer or IWAM_computer accounts. 4. Click to clear the Account disabled check box. " |
| Reference Links | Event ID 531 from Source Security Alternate Event ID in Vista and Windows Server 2008 is 4625. HTTP 500 - Internal server error" error message when you try to open Webs while the IUSR account or the IWAM account is turned off Configured Identity Is Incorrect for IWAM Account Server Application Error Message: "The server failed to load application" Tracking Logon and Logoff Activity in Windows 2000 Services and scheduled tasks cannot log on if a smart card is not present in Windows Server 2003 Auditing User Authentication Windows 2000 Security Event Descriptions (Part 1 of 2) Interpreting the NT Security Log - Use the Security Log to track users activities |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.