Re: Event ID 513 not logged at shutdown
From: Rainer Gerhards (rgerhards@adiscon.com)
Date: 02/21/03
- Next message: Banks: "How do I subscribe to msn newsgroups"
- Previous message: Shezi: "I have to run explorer.exe manually"
- In reply to: John Doe: "Event ID 513 not logged at shutdown"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Rainer Gerhards" <rgerhards@adiscon.com> Date: Fri, 21 Feb 2003 10:00:11 +0100
Hi,
I am not sure if that is totally correct, but I remeber that 513 simply does
not show up in reality on all OS builds...
Rainer Gerhards
http://www.monitorware.com
"John Doe" <no.email@thanks> schrieb im Newsbeitrag
news:036301c2d8f4$0e41d350$3001280a@phx.gbl...
> Hi,
>
> Running NT4SP6a
> User Manager, Policies, Audit, Audit these events, checked
> ALL boxes.
>
> Shutdown the box.
> Restarted.
>
> Checked Security Log and cannot find event ID 513 for the
> shutdown, although event ID 512 does show up indicating
> the startup.
>
> Checked Q299475 and Q174074.
>
> I need to determine what user initiated the shutdown.
>
> What did I miss?
>
> Thanks!
>
> John
- Next message: Banks: "How do I subscribe to msn newsgroups"
- Previous message: Shezi: "I have to run explorer.exe manually"
- In reply to: John Doe: "Event ID 513 not logged at shutdown"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
