Security Events / Object Access / Failure audit
From: ScottT (ScottT_at_discussions.microsoft.com)
Date: 02/18/05
- Next message: Richard Smith: "Logon scripts not running upon login"
- Previous message: razdanro: "Re: Adding local accounts to domain user group"
- Next in thread: gordonah: "RE: Security Events / Object Access / Failure audit"
- Reply: gordonah: "RE: Security Events / Object Access / Failure audit"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 18 Feb 2005 02:31:04 -0800
Hi,
I've enabled the Audit on "object Access" on some XP SP2 workstations.
My Security event log is full of events such as:
Source: Security
Category: Object Access
Tyope: Failure audit
Event ID: 560
User: XXX
Computer: YYYY
Description
Object Open:
Object Server: Security
Object type: Mutant (or Event)
Object Name: \BaseNamedObjects\ZonesLockedCacheCounterMutex
Handle ID: -
Operation ID: {0,92870}
Process ID: 1692
Image File Name: c:\windows\explorer.exe
Primary User Name: Administrator
Primary Domain: <<computername>>
Primary Logon ID: (0x0,0x 130BD)
Client User name: -
Client Domain: -
Client Logon ID: -
Accesses: DELETE
READ_CONTROL
WRITE_DAC
WRITE OWNER
SYNCHRONIZE
Query Mutant State
Can some one tell me to which topic is it related to or to explain me what
such message means ?
Thank you very much.
ScottT
- Next message: Richard Smith: "Logon scripts not running upon login"
- Previous message: razdanro: "Re: Adding local accounts to domain user group"
- Next in thread: gordonah: "RE: Security Events / Object Access / Failure audit"
- Reply: gordonah: "RE: Security Events / Object Access / Failure audit"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
