SamChangePasswordUser2

I am constantly receiving the following message in the
passwd log file on a server running sbs 2000. Does anyone
know if this is a hack attempt / how to prevent?

12/15 10:34:02 Attempting password change server/domain
<domain name> for user TsInternetUser
12/15 10:34:02 SamChangePasswordUser2 on machine
\\<server> for user TsInternetUser returned 0xc0000022
12/15 10:34:02 SamChangePasswordUser2 retry on machine
\\<server> for user TsInternetUser returned 0xc0000022