Click here to get back home

Event ID 577 Filing Security Logs
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Event ID 577 Filing Security Logs Rob 07-19-2006
Posted by Rob on July 19, 2006, 10:45 am
Please log in for more thread options
 I am having a problem with event id 577 events, in particular failure for
security privledges being generated that fill the event log within seconds. I
have auditing of privledge use set for success and failure. From what i have
read it seems that every RPC to a file server generates a failure event in
the security log. We have tried to add users groups to allow the right (
under user rights assignment) for priority scheduling and that did not work.
The only suggestion that i have read that seems to work is turning off
auditing of failures for privledge use - something our security policy
forbids. Does anyone know a way to stop these events without turing off the
auditing?
--
Rob

Posted by Roger Abell [MVP] on July 20, 2006, 12:20 am
Please log in for more thread options
 Perhaps if you were to post about what privilege is not being granted and
so triggering the events. I do not normally experience what you mention
when auditing failure is enabled for privilege use.

>I am having a problem with event id 577 events, in particular failure for
> security privledges being generated that fill the event log within
> seconds. I
> have auditing of privledge use set for success and failure. From what i
> have
> read it seems that every RPC to a file server generates a failure event in
> the security log. We have tried to add users groups to allow the right (
> under user rights assignment) for priority scheduling and that did not
> work.
> The only suggestion that i have read that seems to work is turning off
> auditing of failures for privledge use - something our security policy
> forbids. Does anyone know a way to stop these events without turing off
> the
> auditing?
> --
> Rob



Similar ThreadsPosted
Security Event Logs June 10, 2005, 8:36 am
security event logs in DC as well ? SOS May 3, 2006, 6:06 pm
Reading Security Event Logs with Service Account November 15, 2007, 7:36 pm
Rights to event logs June 15, 2005, 2:03 pm
Re: Access Deined event logs October 26, 2005, 9:12 pm
Access Deined event logs October 25, 2005, 8:51 am
RE: Who/What is sft@loader.com in our IIS Logs? MSFTPSVC Event 10 November 19, 2007, 7:38 am
RE: Who/What is sft@loader.com in our IIS Logs? MSFTPSVC Event 10 February 21, 2008, 4:20 pm
Windows Server 2003 event logs May 2, 2006, 3:29 pm
Event ID 2003 Unable to open the performance logs and alerts confi May 30, 2006, 6:28 am

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap