Hi all
Today I was checking our AD security logs and I found Event-ID 4738
User account was changed. BY ANONYMOUS
and the only changed attribute was password last set for a valid user account.
what I can't understand how ANONYMOUS is doing this change???
all our DC's running windows 2012 r2 with windows server 2008 function level.