Re: audit

From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 11/17/04 

Date: Tue, 16 Nov 2004 23:40:53 GMT

That indicates that user1 successfully exercised some user rights.
Particularly looks like that user did a backup and or restore operation.
Auditing of privilege use displays when a user used or attempted to use a
user right. The user rights for a computer are shown in the Local Security
Policy under security settings/local policies/user rights. For Windows 2000
the effective user right may differ from the local setting if the computer
is a domain member. --- Steve

"DC Gringo" <dcgringo@visiontechnology.net> wrote in message
news:%23kVGpEAzEHA.3908@TK2MSFTNGP12.phx.gbl...
>I audit to logons...can someone tell me what they mean?
>
> Event Type: Success Audit
> Event Source: Security
> Event Category: Privilege Use
> Event ID: 576
> Date: 11/15/2004
> Time: 5:02:22 PM
> User: domain\user1
> Computer: machinename
> Description:
> Special privileges assigned to new logon:
> User Name:
> Domain:
> Logon ID: (0x0,0xE15B34)
> Privileges: SeChangeNotifyPrivilege
> SeBackupPrivilege
> SeRestorePrivilege
> SeDebugPrivilege
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
>
> Event Type: Success Audit
> Event Source: Security
> Event Category: Privilege Use
> Event ID: 578
> Date: 11/15/2004
> Time: 5:02:22 PM
> User: domain/user1
> Computer: CIL-132
> Description:
> Privileged object operation:
> Object Server: SC Manager
> Object Handle: -312443664
> Process ID: 1068
> Primary User Name: machinename$
> Primary Domain: domainname
> Primary Logon ID: (0x0,0x3E7)
> Client User Name: dheckel
> Client Domain: domainname
> Client Logon ID: (0x0,0xE15B34)
> Privileges: SeTakeOwnershipPrivilege
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
>
> --
> _____
> DC G
>
>

Relevant Pages

  • Re: Parkening: Success vs. Excellence
    ... privilege. ... Excellence is internal-seeking satisfaction in having done your best. ... Success is external-how you have done in comparison to others. ... For me, success seeks to please men, but excellence seeks to please God. ...
    (rec.music.classical.guitar)
  • Re: Parkening: Success vs. Excellence
    ... > Success seeks status, power, prestige, wealth, and ... > privilege. ... Success is external-how you have ...
    (rec.music.classical.guitar)
  • Re: Privilege config. problem
    ... I suggest you using LsaEnumerateAccountsWithUserRight to see whether the ... "SeTcbName" privilege was granted. ... If success, ...
    (microsoft.public.platformsdk.security)
  • Re: A question about windows service access netdriver privilege
    ... It's not a problem of privilege and permission, it's just the way it is. ... The same user logged on on the same machine under 2 different Logon Sessions ... > account, but service can not see the Mapped Network Share. ...
    (microsoft.public.vc.language)
  • Re: FTP access, Userlogin access denied
    ... Try enabling auditing of logon events for success and failure and privilege ... > the network are not able to login to the computer with the local policy. ...
    (microsoft.public.security)
Loading