Re: Logon Error - Event ID 533




The first link (KB823659) is for systems on domains, does not apply in
my case.

The second (KB160783) is for Workstations, again does not apply in my
case.

Both KB are for networked systems, the problem system is standalone
non-networked.


On Thu, 4 Jun 2009 14:52:31 -0700, "The Real Truth MVP" <trt@xxxxxxxx>
wrote:

Take a look at these articles http://support.microsoft.com/kb/823659
http://support.microsoft.com/kb/160783/



--
The Real Truth http://pcbutts1-therealtruth.blogspot.com/
*WARNING* Do NOT follow any advice given by the people listed below.
They do NOT have the expertise or knowledge to fix your issue. Do not waste
your time.
David H Lipman, Malke, PA Bear, Beauregard T. Shagnasty, Leythos.




"Tecknomage" <tecknode@xxxxxxxxxx> wrote in message
news:jtaf25pq6onuimeg754np3fb93a3l0mmoe@xxxxxxxxxx
I'll double check, but I'm sure we overwrite every 30-days. Anyway,
we clear/save all Audit Logs every week, so a full log should not be
the problem.

Also, 2 days ago, I created a dummy account, member Users Group, for
testing. The user cannot logon and no Profile folder is made, as I
would expect.




On Wed, 3 Jun 2009 18:00:09 -0700, "The Real Truth MVP" <trt@xxxxxxxx>
wrote:

Your security Audit log may be full, log in as an admin and delete it. If
that is not it then check out this policy
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
If this policy is enabled, it causes the system to halt if a security
audit cannot be logged for any reason. Typically, an event will fail to be
logged when the security audit log is full and the retention method
specified for the security log is either Do Not Overwrite Events or
Overwrite Events by Days. The DOD configuration may have their own
modifications to that policy.





--
The Real Truth http://pcbutts1-therealtruth.blogspot.com/
*WARNING* Do NOT follow any advice given by the people listed below.
They do NOT have the expertise or knowledge to fix your issue. Do not waste
your time.
David H Lipman, Malke, PA Bear, Beauregard T. Shagnasty, Leythos.




"MageMaster" <tecknode@xxxxxxx> wrote in message
news:cc113a7d-ee03-4b6c-b33e-e27527997cc7@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Neither. This is a DoD system, used where I work. This is why I
stated in my original post that all Security Settings are DoD
mandated. No network connection allowed. Win Updates via our Slip-
Stream CD use in our OEM product. AntiVirus Updates via CD, Symantec
Intelligent Updater.

As stated on my original post, WinXP SP3 was installed from scratch
(WinXP SP2 CD -> SP3 upgrade via CD). I have done this numerous
times.


On Jun 3, 1:39 pm, "Gerry" <ge...@xxxxxxxxxx> wrote:
MageMaster

I am confused. What is this computer to be used for? Is it a home or
office computer?

Have you just installed Windows XP? Have you answered these questions
incorrectly? http://pcsupport.about.com/od/operatingsystems/ss/instxpclean3_2.htm

--

Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~



MageMaster wrote:
The "Domain: (deleted)" = "Domain: IS00002"

The system is default WORKGROUP

Both keyboard & mouse are connected directly to this standalone PS/2.
This is a local keyboard, mouse, monitor.

I am assuming the error showing "Domain: IS00002" is what you get when
using a local logon. So, SHOULD a logon to a non-networked standalone
in a WORKGROUP, have a "Domain" name listed in this type of Event
Error?

OR, is that the error, something in WinXP thinks "Users" are logging
into an actual Domain? BUT, when ANYONE is a member of Administrators,
they do NOT have a logon problem.

On Jun 3, 10:45 am, "Gerry" <ge...@xxxxxxxxxx> wrote:
MageMaster

What version of Windows XP?

Logon Type 2 - Interactive
This is what occurs to you first when you think of logons, that is, a
logon at the console of a computer. You'll see type 2 logons when a
user attempts to log on at the local keyboard and screen whether
with a domain account or a local account from the computer's local
SAM. To tell the difference between an attempt to logon with a local
or domain account look for the domain or computer name preceding the
user name in the event's description. Don't forget that logons
through a KVM over IP component or a server's proprietary
"lights-out" remote KVM feature are still interactive logons from
the standpoint of Windows and will be logged as such.
http://www.windowsecurity.com/articles/Logon-Types.html

http://www.microsoft.com/resources/documentation/windows/xp/all/prodd...

--

Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~

MageMaster wrote:
Gerry, the references do not apply. The fixes are for systems using
Domain Servers, NOT un-networked standalones.

On Jun 3, 9:39 am, "Gerry" <ge...@xxxxxxxxxx> wrote:
MageMaster

Some possibilities for you to consider:
http://www.eventid.net/display.asp?eventid=533&eventno=191&source=Sec...

--

Hope this helps.

Gerry
~~~~
FCA
Stourport, England
Enquire, plan and execute
~~~~~~~~~~~~~~~~~~~

MageMaster wrote:
WinXP SP3, System is standalone, not connected to a network

This is the text of the event:

Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 533
Date: 6/3/2009
Time: 08:14:05
User: NT AUTHORITY\SYSTEM
Computer: IS00002

Description:
Logon Failure:
Reason: User not allowed to logon at this computer
User Name: dummy
Domain: (deleted)
Logon Type: 2
Logon Process: User32
Authentication Package: Negotiate
Workstation Name: (deleted)

--------------------------------------------------
The "deleted" text is for security purposes.

1) "Dummy" is member of "Users" Group

2) Local Security Settings, Log on locally = Users, Administrators

Note all Security Settings are DoD mandated.

Even if I create a new account like "Dummy" I get this error.

ONLY if I make a user (ANY user) a member of Administrators can
they logon.

I found the MS TechNet article:
http://www.microsoft.com/technet/support/ee/transform.aspx?ProdName=W...

Also found many hits using Google.

Problem, none provided a fix or even a hint that applies in this
case (Users in Log on locally).

So, WHAT is the fix?

--
======== Tecknomage ========
Computer Systems Specialist
IT Technician
San Diego, CA
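
Added example, not part of the original thread: a Python sketch that parses the text form of the 533 event quoted above and applies the rule cited in the thread (compare the Domain field with the computer name) to tell a local-account logon from a domain one. The sample event is constructed from the poster's text, and the function names are illustrative assumptions.

```python
# Windows logon type codes as they appear in Security log events.
LOGON_TYPES = {2: "Interactive", 3: "Network", 4: "Batch", 5: "Service",
               7: "Unlock", 8: "NetworkCleartext", 9: "NewCredentials",
               10: "RemoteInteractive", 11: "CachedInteractive"}

# Constructed sample: the event text quoted in the thread, with the redacted
# Domain filled in as IS00002 (the value the poster gave in a follow-up).
SAMPLE_EVENT = r"""Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 533
Computer: IS00002
Description:
Logon Failure:
Reason: User not allowed to logon at this computer
User Name: dummy
Domain: IS00002
Logon Type: 2
Logon Process: User32
Authentication Package: Negotiate
Workstation Name: (deleted)
"""

def parse_event(text):
    """Split 'Key: value' lines into a dict; header-only lines are skipped."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            fields[key.strip()] = value.strip()
    return fields

def triage_533(text):
    """Summarise a 533 logon failure, or return None for any other event."""
    f = parse_event(text)
    if f.get("Event ID") != "533":
        return None
    domain, computer = f.get("Domain", ""), f.get("Computer", "")
    if not domain or not computer or domain.startswith("("):
        scope = "unknown"          # field missing or redacted
    elif domain.upper() == computer.upper():
        scope = "local"            # Domain is the machine's own name: local SAM
    else:
        scope = "domain"           # Domain names something other than this PC
    code = f.get("Logon Type", "")
    logon = LOGON_TYPES.get(int(code), "Other") if code.isdigit() else "Other"
    return {"user": f.get("User Name"), "scope": scope,
            "logon_type": logon, "reason": f.get("Reason")}

if __name__ == "__main__":
    print(triage_533(SAMPLE_EVENT))
```

On a standalone WORKGROUP machine the Domain field of a local logon carries the computer's own name, which is why the sample classifies as a local account.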