Random MS DTC problem

A couple of strange warnings in the Security event log always occur when then transaction fails:
Log 1:
Event Type: Failure Audit
Event Source: Security
Event Category: Account Logon
Event ID: 680
Date:  2008-2-20
Time:  9:43:10
User:  NT AUTHORITY\SYSTEM
Computer: ****
Description:
Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 Logon account: ****$
 Source Workstation: ****
 Error Code: 0xC0000064

Log 2:
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 529
Date:  2008-2-20
Time:  9:43:10
User:  NT AUTHORITY\SYSTEM
Computer: ****
Description:
Logon Failure:
  Reason:  Unknown user name or bad password
  User Name: ****$
  Domain:  WORKGROUP
  Logon Type: 3
  Logon Process: NtLmSsp
  Authentication Package: NTLM
  Workstation Name: ****
  Caller User Name: -
  Caller Domain: -
  Caller Logon ID: -
  Caller Process ID: -
  Transited Services: -
  Source Network Address: IP ADDRESS
  Source Port: 2044

=========================
If the two machines are in different domains, then this is likely what is happening:

When DTC negotiates a connection with another transaction manager, it will always attempt a secure connection first. If this fails, and security is disabled for DTC, then it will attempt a connection without passing any credentials.

In the above scenario the two servers enlisting in a transaction were in seperate domains. When DTC would try to connect with DTC on the remote server, it did so in a secure manner and passed the machine account. This account did not exist in the domain of the remote server, which resulted in the failure audits in the security logs with an HRESULT of 0xC00000064. This error code means no such user exists. DTC then attempted an unauthenticated connection that was
successful and allowed the application to work.

A Netmon trace should show you this behavior.

============================
The above content is from the following POST.
http://www.winserverkb.com/Uwe/Forum.aspx/exchange-admin/57957/Security-Failure-for-an-administrative-account