More details can be found here.
https://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc
--please don't forget to Accept as answer if the reply is helpful--
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
according to MS
Monitor patched DCs for event ID 5829 events. The events will include relevant information for identifying the non-compliant devices.
but this event did not even point what was the source of that !!!!
How can I figure out which device cause that events ? - I got zounds of such events.
More details can be found here.
https://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc
--please don't forget to Accept as answer if the reply is helpful--
Update the device, service and/or appliance that sets up the vulnerable Netlogon connection to support secure RPC with Netlogon secure channel. For Windows-based devices, this means updating them with the latest Windows Updates.
Check to ensure that the Domain member: Digitally encrypt or sign secure channel data (always) Group Policy setting is set to Enabled.
Use the "Domain controller: Allow vulnerable Netlogon secure channel connections" group policy to add non-compliant accounts. This should only be considered a short-term remedy until non-compliant devices are addressed as described above.
Hope this information can help you
Best wishes
Vicky
I read this https://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc
still - i cant find any info about source computer/user causing that event - while description is : "The events will include relevant information for identifying the non-compliant devices."