Spurious Logon/Logoff Success Auidt events

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - New Instant Messaging Viruses - Avoid Files & URLs (FYI) New Instant Messaging Viruses - Avoid Files & URLs: http://msmvps.com/harrywaldron/archive/2005/05/01/45335.aspx -- ~Robear Dyer (PA Bear) MS MVP-Windows (IE/OE) & Security Tag: Spurious Logon/Logoff Success Auidt events Tag: 71178
  - 2
    - Cannot authenticate to MS IAS (RADIUS) server using Linksys WAP54G Hi, I'm trying to access to a test domain using PEAP-MS-CHAP V2 using the following setup. 1. One W2K Server (sp4) in mixed mode running (DHCP, DNS, WINS, IAS and Microsoft CA). 2. One W2K Server (sp4) running RRAS and Microsoft ISA server 2000 (sp2). 3. Linksys WAP54G wireless AP (access point). 4. All servers and wireless AP connected to a 10/100 switch. My laptop running W2K Pro (sp4) cannot connect to the domain. Each time, I received a pop up msg asking me if I want to say YES or NO to accept the certifiate, I press YES. Also a username, pw and domain window popped up but each time I entered the information, these two windows kept popping up. Can someone pls help me out here? TIA. Dan Tag: Spurious Logon/Logoff Success Auidt events Tag: 71168
  - 3
    - blocking readnotify.com and other companies I would like to know how I can block information(ip, location, time and date) from going to readnotify.com and the other companies out there every time I open my email. Thx........ Tag: Spurious Logon/Logoff Success Auidt events Tag: 71151
  - 4
    - Do I need to use the SysKey utility to enhance the security? For the Syskey, please refer to http://support.microsoft.com/kb/310105/ Do I need to use the utility? What is the difference between Startup Password & Account Password & the password of BIOS? Tag: Spurious Logon/Logoff Success Auidt events Tag: 71150
  - 5
    - cannot find SKU11.CAB i uninstalled microsoft office 2003 free trial but when it went to install again it stopped because it couldn't find the SKU11.CAB file. im not da only person wiv dis problem can sum1 plz help me im desperate Tag: Spurious Logon/Logoff Success Auidt events Tag: 71136
  - 6
    - Script to set folder security I recently moved the home folders for 900 students to a new 2003 server and when I did I messed up all the folder security settings. The folders name is based on the users login name. Is there a way to run a script that would read the folders name and then set the folders security to give that user full permission, and give a number of other security groups permission at the same time? E.g. user:F Domain Admins:F System:F and teaching:F Tag: Spurious Logon/Logoff Success Auidt events Tag: 71135
  - 7
    - Windows 9x user longer than 5 chars can't log into windows 2003 do Hello, for several weeks windows 9x client can't log into our domain, strange thing is that if the user is less than 6 charecters it can log into the domain, articles has suggested changing the local domain policy NTLM to NTLM 2, but this changes eliminated the abilitiy to log in at all. any one?! suggestions? Regards, Dror Admon Operations & Infrastructure Manager Sheba Medical Center Tag: Spurious Logon/Logoff Success Auidt events Tag: 71132
  - 8
    - Microsoft AntiSpyware - Developer info - How to make installation of non-intrusive ActiveX DLL more user friendly? Greetings all. I was wondering is any developer information is available for microsoft antispyware product. We are a software vendor, who's developing a by-no-means non-intrusive, non-spyware ActiveX control meant to be run inside IE. Our users which have MSAS installed, are getting an "unknown activeX, block-allow?" question once installed although we digitally sign both the installation package and the DLL file itself. Maybe it's possible to get enlisted in the MSAS database? Or anything else? There's very little information regarding this issue on MS website... Tag: Spurious Logon/Logoff Success Auidt events Tag: 71131
  - 9
    - Should I set passwords for the three accounts to enhance the security? Should the three accounts, which are Guest, HelpAssitant,SUPPORT388945a0, be configured strong passwords to enhance the security of OS? Should I disable Guest & default Administrator to enhance the security? Tag: Spurious Logon/Logoff Success Auidt events Tag: 71129
  - 10
    - Hector saftey button Hi I have just d/loaded the hector saftey button(both versions) from the microsoft site. I am using win xp pro with all the latest updates instaled. The exe file will not run and is displaying the error message. "C:\windows\system32\autoexec.nt, the system file is not suitable for running MS-DOS and microsoft windows applications.Choose close to terminate the application." As stressed there are two files of this application one for Win Xp and one for all other systems. I have d/loaded both, both do the same error message. Please please reply to Bernard@ihug.co.nz as well please as i do not go to the newsgroups all of the time. Tag: Spurious Logon/Logoff Success Auidt events Tag: 71120
  - 11
    - password filter -parameter mismatch i have wrote a password filter dll in c++. When i try calling that dll from vb6 it works fine. But when i am trying to install on domain controller i am not getting the correct value for user name and password. I get only one character as user name and password. Do i need to install any lib. on domain controller? My function parameter are as follows BOOLEAN __stdcall PasswordFilter( PUNICODE_STRING AccountName, PUNICODE_STRING FullName, PUNICODE_STRING Password, BOOLEAN SetOperation ) stru defination is typedef struct _LSA_UNICODE_STRING { USHORT Length; USHORT MaximumLength; PWSTR Buffer; } LSA_UNICODE_STRING, *PLSA_UNICODE_STRING, UNICODE_STRING, *PUNICODE_STRING; Tag: Spurious Logon/Logoff Success Auidt events Tag: 71118
  - 12
    - Can "trusted Computing" be trusted? http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html IM Tag: Spurious Logon/Logoff Success Auidt events Tag: 71116
  - 13
    - RUN TIME ERROR ???? Hello The following error continues to pop on my screen when logging onto limited accounts, and at the same time it does not allow me to log on BUT changing the account to one as a Computer Administrator ... it logs on fine, No Error. ------------------------------------ Run - time error '26001': Failed to set registry value Key:'2147483646', Section: Software\Microsoft\Windows NT\Current Version\Winlogin',Key:'Userinit' to value:" ---------------------------------------- Any help with this error would be mighty appreciated. P.S. I do not want everybody to have Computer Administrator priveeys!! Thankyou much all. Tag: Spurious Logon/Logoff Success Auidt events Tag: 71113
  - 14
    - Please Help!! Security policy Hi to everyone!! I don't know if i'm in the right place or not but i have a question regarding writing a security policy for a company. The client has multiple servers running Novell 6.0 + NT PDC + Memeber Servers windows 200x + Unix SCO servers in the environment. They want to me to write a security policy or what are the procedure when somebody left the company or been fired, when a high ranking IT manager who knows all the passwords and all wants to leave or fired. what to do??? first actions??.... examples like disable account, changing the passwords,at NT + NOVELL + UNIX at e-mail, VPN and so on... Ex: when been fired , the person is escorted to the door. I need help!! i need an exisitng procedure to base on.. Please help ant suggestions. Tag: Spurious Logon/Logoff Success Auidt events Tag: 71108
  - 15
    - Getting windows Security Center to NOT warn of AV not running Running xp home, sp2. Using Sygate firewall, Norton AV 2004, Spy Sweeper, Spyware Doctor, AdAware. Because of the time required for all these to open at boot, Windows Security gets impatient & thinks the AV is off, so it gives me a "balloon" telling me the program isn't running at each startup. Any way to disable this alert? I looked through the Windows Security settings, if it's there I can't find it. TIA Dan Tag: Spurious Logon/Logoff Success Auidt events Tag: 71103
  - 16
    - Failed to initialize crypto API Hi, Is there any way I can run an application that requires ms crypto api (CAPI) without an administrator privileges? I get the following error "Failed to initialize crypto API" when trying to run a ciscosecure app and cisco says that is because microsoft requires admin access to use the crypto api. Is this true? Is there any work around for this since I dont have an admin account, but still need to run the app. Please help! Thank you Tag: Spurious Logon/Logoff Success Auidt events Tag: 71092
  - 17
    - Enabling virus protection Hello The question I am about to ask might sound very silly but it's really bugging me. I've tried day and night and I just can't find where to go to enable the virus protection which comes with Windows XP. Please could some one help me out???? Thanks Phil Tag: Spurious Logon/Logoff Success Auidt events Tag: 71084
  - 18
    - Windows 2003 Server SP1 Removes the MS03-039 Patch Using Windows 2003 SP1 and after running an ISS scan shows that patch MS03-039 needs to be applied. When I tried to apply the MS03-039 patch (Windows 2003 version) it will not install and a message box popped up stating there was already a newer version of the file because a service pack was applied. Did a fresh install of Windows 2003 Server and appled the MS03-039 successfully and ran Windows Update and completed all updates with the exception of SP1. Using the KB824146 scanning tool, it showed the patch was still applied. After applying SP1, the scanning tool showed MS03-039 patch was NOT installed and required investigating. Anyone have suggestions? -- JJ Tag: Spurious Logon/Logoff Success Auidt events Tag: 71082
  - 19
    - Authentication with MAC Is it possible to use IAS to authenticate a wireless card through RADIUS using the MAC address? If it is how would you configure this? Thanks, Ed Tag: Spurious Logon/Logoff Success Auidt events Tag: 71075
  - 20
    - How do I prevent users from using any form of password or other ge There used to be a way in NT4 to update a dll that prevented users from using password or any variation of password as their login password. Is that possible in 2003. I've heard of 3rd party tools but I don't want to spend the money. Tag: Spurious Logon/Logoff Success Auidt events Tag: 71070
  - 21
    - how to disable point-to-point tunneling protocol (pptp) anybody how to disable point-to-point tunneling protocol (pptp), port 1723 on a windows 2000 server? it's a system process but not sure how /what launched it -- poco Tag: Spurious Logon/Logoff Success Auidt events Tag: 71069
  - 22
    - Dialer.WSV Hi, I hope somebody can help me, my pc is infected with a virus called Dialer.WSV and also with a form of adware by the name of adag.exe. Norton will delete Dialer.WSV but will not delete adag.exe. I am unable to manullly delete the adware. Tag: Spurious Logon/Logoff Success Auidt events Tag: 71066
  - 23
    - how to restrict limited user only visiting several websites Windows XP SP2, the administrator account want to restrict limited account only visiting several dedicated websites, and forbidden the limited account visit all the rest websites! My ideal is that disable quering DNC server, and mapping the IP addresses to host names only which I allow the limited account to visit...... But the drawback is that the limited account user can input the IP address directly in browser! Maybe there have other methods to accomplish the hard work! __ Lecter - "Trust No One!" Tag: Spurious Logon/Logoff Success Auidt events Tag: 71060
  - 24
    - Spybot found DSO Exploit I recently installed Spybot & it has found 5 entries re the above, details are: HKEY_USERS\S-1-5-18. Registry Change. HKEY_USERS\S-1-5-21. Registry Change. HKEY_USERS\S-1-5-20. Registry Change. HKEY_USERS\S-1-5-19. Registry Change. HKEY_USERS\DEFAULT. Registry Change. Can I remove these safely without causing any problems please? (As lately I've had quite a few)!! Many thanks Tag: Spurious Logon/Logoff Success Auidt events Tag: 71056
  - 25
    - OWA CITRIX SECURITY Hi there, We have a sytem with one domain and two sites.These 2 sites are connected to internet and eachother through a firewall located in somewhereelse. We are now considering remote acces to exchange server.We have 2 considiretaions. 0ne of them is owa, the other one is Citrix. Which one should I prefer and is more secure? Thanks -- Tag: Spurious Logon/Logoff Success Auidt events Tag: 71055
- Next
  - 1
    - 2003 Enterprise CA, MSCEP - 0 length cert message on cisco 837 rou Hello Everyone, I'm trying to use MSCEP on a 2003 Enterprise CA to request a certificate for Cisco 837 router. When I run the cisco command "crypto ca authenticate TRS-AD-CA" the router comes back with a message "% Error in receiving Certificate Authority certificate: status = , cert length = 0" which indicates that my 2003 CA is not sending anything back for the request. I can successfully request a certifcate from this router when I connect to a 2000 Standalone CA but my new 2003 Enterprise CA is not working correctly. I initially had problems with the 2003 Cert Server installation as IIS was already installed on the server before DCPROMO was run however I followed the Microsoft Knowledge base article (332097) and corrected the security permisions. When I install MSCEP I can see that the CA issues an "Exchange Certificate" and "CEP certificate" but there is still something wrong when trying to get the router to request a cert. I think the CA is okay as I can request other Certs from a web browser etc. and I see my AD Domain servers have automatically requested and received certificates however my MSCEP is failing. Does anyone have any ideas where to look to resolve this problem as I can't find any similar problems on the internet. Thanks in advance, Peter Arians. Tag: Spurious Logon/Logoff Success Auidt events Tag: 71054
  - 2
    - What happened to my OS? I used anti-spyware software Ad-ware to scan my OS. Below is the log: Vendor:Windows Category:Vulnerability Object Type:RegData Size:6 Bytes Location:exefile\shell\open\command "" (%1 %*) Last Activity:2005-4-28 Risk Level:Low TAC index:3 Comment:Possible virus infection, executable file extension compromised Description:General Windows Security Issue. Your system security may be compromised. The specifics of the possible compromised item are listed in the comments section. I have fixed the problem with the software. But what confused me is what and when caused the problem? Thank you. Tag: Spurious Logon/Logoff Success Auidt events Tag: 71052
  - 3
    - Limiting Logon to a Specific Group of Computers I know the method of how to specify what computer a users account can logon on to, but I was wondering if there are any limitations. Somebody told me that I can only limit the number of computers on person can logon to which is 30. Does anyone know if this is true or not? TIA CurtisC Tag: Spurious Logon/Logoff Success Auidt events Tag: 71041
  - 4
    - Password/Authentication Problem Our W2K3 server suddenly (as far as we can tell) started denying access to any user whose account was created, or whose password was changed after some unknown event occured. Any user created before the event and whose password has not been changed can login without dificulty. The problem users receive the "incorrect username or password" message. Any ideas what happened and how to fix it? Thanks! Tag: Spurious Logon/Logoff Success Auidt events Tag: 71040
  - 5
    - Generic Account Password Failures Unfortunately at this time, we are required to provide a generic account to a group of people that are attached to the domain. On occasions, the password will just quit, die, stop working, and we have to reset it. Has anyone else experienced this kind of an issue and was it solved? TIA CurtisC Tag: Spurious Logon/Logoff Success Auidt events Tag: 71039
  - 6
    - Authenticating user's join domain credentials ? --- win32 api ??? Hello Gurus, I have a scenario where I have to validate a given set of credentials, without actually joining a computer to a domain, using the credentials. The information I have username password domain name computer name I am trying to find a windows native/managed api, which would let me do that. I did find some api which would let me Join the computer to the domain and unjoin from the domain. I am sure these api, internally, are using some low level functions/api to authenticate the credentials first before attempting to join the system to the domain. Your answers are highly appreciated. Thanks in Advance. Srikanth Tag: Spurious Logon/Logoff Success Auidt events Tag: 71037
  - 7
    - Root CA Certificate vs Client Cert Expiration I have a very basic security question. If I set up a root CA for my domain and begin handing out all kinds of certs that expire in a year. Do I have to keep renewing those client certs every year or will they automatically pull down a new one upon expiration? Or do I just need to assure that my Root Cert doesn't expire before being renewed? Tag: Spurious Logon/Logoff Success Auidt events Tag: 71034
  - 8
    - Process ownership Hi, I want to control who a process is running as on the fly. Is this possible? LogonUser and impersonation doesn't seem to work because LogonUser doesn't actually start everything needed by that user. VPN connection for example. I see so much about Security IDs and such, is there a way to manipulate the owner of a process while the process is running via these IDs? I don't see any apis that take UN, Domain, and PW like LogonUser. Thanks Tag: Spurious Logon/Logoff Success Auidt events Tag: 71033
  - 9
    - Free Download: Visio Connector for MBSA Visualize the security status of your network with the Visio Connector for MBSA. This free utility allows you to view the results of an MBSA (Microsoft Baseline Security Analyzer) scan in a clear, comprehensive Visio 2003 network diagram. You must have both Visio 2003 and MBSA 1.2.1 for this connector to function. Learn more or download this free utility at http://www.microsoft.com/technet/security/tools/mbsavisio.mspx Sanjay Puri This posting is provided "AS IS" with no warranties, and confers no rights. Tag: Spurious Logon/Logoff Success Auidt events Tag: 71031
  - 10
    - Internet Explorer 6 Hijacked Browser has been highjacked and I have tried the 3 most popular spyware removal tools, Spysweeper,Spybot and Adaware. To no avail. They each detect and remove various spyware but they are all missing the same problem. IE 6 is still being hijacked. Aside from wiping the drive I need some advice or tools to get rid of the malware. Any ideas? Tag: Spurious Logon/Logoff Success Auidt events Tag: 71025
  - 11
    - Cannot change filename I have two very strange folder problems. To start off, I am the Domain Admin and have all rights. My domain is Windows 2003. I have created a folder in my document directory under my home home directory (H:\Docs) and it is called New Folder. I would like to rename it, but the system will not let me. I get the access denied. System is full or write protected message. Looking at the properties, it is Read Only, which I cannot clear, I am the owner. Administrator cannot modify it either. If I log directly on my Data Server (the location of the home directories) as me, I cannot even open the Docs directory. On the same subject but a differnt server, there is a directory that was created to temporarily store data as we moved data around. Now that directory cannot be deleted or renamed. The folder is called hi01 but when you try and delete it, the error message is Cannot delete My New DW Site. Cannot find the specified file. Make sure you specify the correct path and file name. I am out of guesses and any help is appreciated. Steve Tag: Spurious Logon/Logoff Success Auidt events Tag: 71024
  - 12
    - Password Policy Issues Hi all, I've ran into an issue with my password policy. I've changed it on one of my DCs. Replicated out (one site domain, 3 total DCs), can not find any password policy in any other GPOs (gone to the extent of only having my dc policy and default domain polcy enabled) and my changes still won't take effect. This is 2003. I have DCA DCB DCC. Changed the polcy on DCB. Did a gpupdate on my client, no settings take. However, I do say a homepage GPO, do a gpupdate, and immediately takes. Is there something I'm missing? TIA, Joshua Tag: Spurious Logon/Logoff Success Auidt events Tag: 71022
  - 13
    - Automatic Update Problems Hi Yesterday I had a signal for an automatic update download and install. The process proceeded to shutdown and restart at which time I noticed that the update symbol was still in the tray and when selected notified that updates where ready for installation. When I selected install the installation was shown as a failure to install; when I checked the installation history screen it showed a success for the first installation but a failure for all subsequent tries. The machine has been shutdown over night but the update symbol is still active in the tray. How do I remove/shutdown this process? Thanks. Tag: Spurious Logon/Logoff Success Auidt events Tag: 71020
  - 14
    - C:\WINDOWS\system32 any software to monitor this folder C:\WINDOWS\system32 ? that is if any applications want to add something, it need permissions? Tag: Spurious Logon/Logoff Success Auidt events Tag: 71016
  - 15
    - My Domain Security Policy is not Opening.. Hi I have Win2000 Domain Controller logged in as administrator having full rights. Problem is : I could not able to open Domain Security Policy or Domain Controller Security Policy. We would like to apply some policies. But Domain Default Policy Editor is not opening at all. Its showing a message like "you dont have appropriate permissions. Details : The System Cannot find path." That is the message i m getting whenever i tried to open Domain Security Policy and Domain Security Policy. Please help me in this. Thanks and Regards Rajam. Tag: Spurious Logon/Logoff Success Auidt events Tag: 71014
  - 16
    - how can i add certificate to kerbrose hi how can make authentication of kerbrose v5 stronger with machine certificate without ipsec please help me thank u Tag: Spurious Logon/Logoff Success Auidt events Tag: 71010
  - 17
    - AzMan with 2000 mixed DC We are deploying an application which uses AzMan, with the store in AD, and have just discovered that it won't work with the production DC which is Windows 2000 in "mixed" mode. For AzMan to work it has to be a Windows 2003 "native" mode which is not possible as there are Unix machines in the domain. We need to preserve the windows authentication capabilities in AzMan, against users and groups in the existing (windows 2000 mixed) domain. Would a separate Win2003 domain with trust relationship to the primary domain be a solution? If so would users need to be replicated to the Win2003 DC? Can anyone suggest other alternatives? Tag: Spurious Logon/Logoff Success Auidt events Tag: 71009
  - 18
    - Error 1003 I've a problem with error 1003. Once a day (twice) I have a blue screen error. I've read many articles, here you have definition: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wmisdk/wmi/errors_1001_through_1010.asp and other from support.microsoft.com. I supposed that it could be a virus (read on Microsoft site) but checked and no viruses were found (with Ad-Aware & MKS, bit defender caused my system to crash- error with regspy.sys (blue screen)- it's a file which belongs to BD and I'd waited for 3 minutes (!) to haveTask Manager oppened, so I removed BD with ACE Util (with Microsoft Windows error reports oppened in the background- if closed, blue screen appeared :|. It has a number 0x00000050 (STOP ERROR). I've also checked logs in the Administrative Tools (Computer Management) and I've got a message that it was a System Error in Category 102 Number 1003: Error Code 000000d1, parameter 1 000000b1, parameter 2 00000002, parameter 3 00000000, parameter 4 f743d205. I've no idea what could it be, I don't cause my system to crash, it must be an internal system problem. My system has 4 days (format). Do you think that it could be a memory or chipset problem? Or just a software? I have Win XP Pro with SP1. My computer: AMD Athlon 64 3200+ BOX (Socket 939) Winchester Microstar K8T Neo2-FR/939 (MS-6702E-020) Via K8T800 (I've installed new drivers now!) Seagate 160 GB Barracuda 7200.7 ST3160827AS 8MB Serial ATA / NCQ (I had to install drivers (on floppy) during the installation) Kingston HyperX DDR 2x 512MB PC-400 (KHX3200ULK2/1G) CL2 Nvidia GeForce FX 5900XT Gainward (has 10 days, I'had no problems on the old system XP Pro sp1- the same) Modem Thomson SpeedTouch USB (new, was 2 days working on the old system, no problems) Logitech UltraX Flat Keyboard OEM Creative Optical Mouse 3000 Lite-On SOHR-5237S bulk (x52/x32/x52) Neotec V4200 Please help, Paula Tag: Spurious Logon/Logoff Success Auidt events Tag: 71003
  - 19
    - Windows 2003 SP1 and CHM files over a network connection Hi, I have recently upgrade a windows 2003 server to sp1 and have found that I have a problem with chm files that are opened from a network drive or resource. The following article explains this and gives suggestions on a resolution. However the article talks about topics missing not the content pages not displaying. http://support.microsoft.com/kb/896054 When I copy the file from the network drive to the local desktop the chm file opens fine and displays correctly. Can anyone explain why this doesn;t work its driving me nuts. Thanks, Andy Tag: Spurious Logon/Logoff Success Auidt events Tag: 71001
  - 20
    - Antivirus what antivirus do you use ? -- catchyogi ------------------------------------------------------------------------ catchyogi's Profile: http://forums.techarena.in/member.php?userid=3298 View this thread: http://forums.techarena.in/showthread.php?t=88520 Visit - http://forums.techarena.in/archive/index.php/ Tag: Spurious Logon/Logoff Success Auidt events Tag: 70999
  - 21
    - Obvious manipulation of e-mail headers - what good are they? Received: from %STATIC_3WORD (IMLI-852-880.%S_1FROM_DOMAIN [%LIST_IP] (may be forged)) by %STATIC_2WORD.%S_1FROM_DOMAIN (MOS 3.3.6-GR) with ESMTP id DLT75284 (AUTH %STATIC_3WORD-02) ; Thu, 28 Apr 2005 01:37:32 -0200 (IST) Date: Wed, 27 Apr 2005 22:39:15 -0400 (EDT) Date-warning: Date header was inserted by ms-mta-03.nyroc.rr.com From: Martha Peck <iheskhfcbe@action.com.au> Subject: Message subject To: dverdow@nycap.rr.com Message-id: <3kmqqq$ehe806@orngca-mx-03.mgw.rr.com> MIME-version: 1.0 Content-type: TEXT/PLAIN Content-transfer-encoding: 8BIT Nothing in these (partial) headers has any relation to the real world. = Everything is made up. But not by me by the sender. Now what good are = headers anymore? I can answer that. It's easy. It gives the ISP of = the spammer an excuse used to deny they are enabling the spammer - dah! --=20 George Hester _________________________________ Tag: Spurious Logon/Logoff Success Auidt events Tag: 70997
  - 22
    - Modify Default User Template in Certificate Server I am running Win 2003 Enterprise......and I can create version 2 templates....but I need to modify the default user template used by the web enrollment... is this possible or would it be better to modify the web enrollment code? Thanks Tag: Spurious Logon/Logoff Success Auidt events Tag: 70994
  - 23
    - Impersonating accounts Hi, I am logged into Windows as User A and running a service under Local System account. This service is trying to find a certificate that is in the user store (not the local machine store). To search for the certificate, I assume I have to impersonate the user (User A) programmatically. The impersonation functions are returning successfully and I am able to find the certificate. However, the problem is that although the impersonation functions are working, they do not load the registry hive for User A. So if I am logged in to Windows as User B (or even logged out), the certificate searching fails. How can I programmatically load the registry hive for a specific user? Thanks, Mat. Tag: Spurious Logon/Logoff Success Auidt events Tag: 70993
  - 24
    - Security update dated 2/13/2002? I have been receiving notices and installing critical updates on a regular basis for years, but I am now receiving notification of a security update dated February 13, 2002 MSXML 4.0. I'm not sure if I should download and install this update or not. Does anyone know why I am suddenly receiving notification of a security update which is more than three years old? Tag: Spurious Logon/Logoff Success Auidt events Tag: 70989
  - 25
    - Error: 801 using mbsacli.exe on Windows NT 4 server I am using the mbsacli.exe utility to scan a Windows NT 4.0 server. The command line I use is as follows: mbsacli -HF -v -s 1 The error I recieve is as follows: Information Error: 801 - No XML was loaded for the language of the machine. Does anyone know what is causing this error? Tag: Spurious Logon/Logoff Success Auidt events Tag: 70987

I did an in-situ upgrade of a Win 2K domain controller to Win 2K3. Now I get
heaps of Success Audit events in the Security log. Ther are all 540, 538,
576 (logon/logoff) most from the server itself.

Any ideas why this is happenning?

TIA

Patrick

Top

Re: Spurious Logon/Logoff Success Auidt events by Steven

Steven
Mon May 02 22:43:52 CDT 2005

Windows 2003 by default enable a lot of auditing by default unlike Windows
2000. For a domain controller you may want to disable auting of "logon"
events but leave auditing of "account logon" events in Domain Controller
Security Policy. --- Steve

"Patrick" <Patrick@discussions.microsoft.com> wrote in message
news:3D410993-CBDF-4FA7-9821-A06230E19456@microsoft.com...
>I did an in-situ upgrade of a Win 2K domain controller to Win 2K3. Now I
>get
> heaps of Success Audit events in the Security log. Ther are all 540, 538,
> 576 (logon/logoff) most from the server itself.
>
> Any ideas why this is happenning?
>
> TIA
>
> Patrick
>
>

Top