Re: Event log Error codes
From: Steven L Umbach (n9rou_at_nscomcast.net)
Date: 05/26/04
- Next message: Steven L Umbach: "Re: Deny account management to certain administrative users"
- Previous message: Steven L Umbach: "Re: Firewall"
- In reply to: anita.geogre_at_lmco.com: "Event log Error codes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 25 May 2004 23:41:05 GMT
Try posting them here. 560 is for object access to file/folder for some
reason and 577 means they or a service used a user right for a procedure.
Auditing of object access and privilige use will generate tons of events in
the security log and many will be very hard to make any sense of and many
are generated by the operating system instead of directly by a user. Often
event ID 560 is paired with another envent ID with the same timestamp that
may be helpful in determining what type of access was being done. The
following link may help.--- Steve
http://www.microsoft.com/technet/security/guidance/secmod144.mspx
"anita.geogre@lmco.com" <anonymous@discussions.microsoft.com> wrote in
message news:1220701c4427f$0ff3c410$a401280a@phx.gbl...
> Lately we've turned on security and in out event log we
> are getting unexplained evnets, error codes 577 and 560.
>
> Can anyone tell me what these codes mean in English? What
> was the user trying to do ?
>
>
> Thanks,
> Anita
>
- Next message: Steven L Umbach: "Re: Deny account management to certain administrative users"
- Previous message: Steven L Umbach: "Re: Firewall"
- In reply to: anita.geogre_at_lmco.com: "Event log Error codes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
