Event ID 566 Failure Audit Directory Service Access, unixUserPassw

C

Claude Lachapelle

Since we upgraded our schema to R2, we have this failure audit message on all
DCs security logs. I found that we could disable it by modifying a special
schema attribute, but does anything else will be affected?

Event Type: Failure Audit
Event Source: Security
Event Category: Directory Service Access
Event ID: 566
Date: 26/09/2007
Time: 9:33:25 AM
User: DOMAIN\xyz$
Computer: DC01
Description:
Object Operation:
Object Server: DS
Operation Type: Object Access
Object Type: user
Object Name: CN=xyz_user,OU=Users,OU=Resources,DC=domain,DC=com
Handle ID: -
Primary User Name: DC01$
Primary Domain: DOMAIN
Primary Logon ID: (0x0,0x3E7)
Client User Name: xyz$
Client Domain: DOMAIN
Client Logon ID: (0x0,0x8E9E6D5E)
Accesses: Control Access

Properties:
---
Default property set
unixUserPassword
user

Additional Info:
Additional Info2:
Access Mask: 0x100

Thanks.

Claude Lachapelle
System Administrators, MCSE
 
D

Damian B.

Hi
I get this error message, but only effects 2 desktops. I have recently
installed 2003 R2. I don't have Unix items. Any help would be grateful.
Damian

Object Operation:
Object Server: DS
Operation Type: Object Access
Object Type: dnsNode
Object
Name: DC=PC32,DC=MyDomain.com,CN=MicrosoftDNS,CN=System,DC=MyDomain,DC=com
Handle ID: -
Primary User Name: ServerName$
Primary Domain: MyDomain
Primary Logon ID: (0x0,0x3E7)
Client User Name: CCN032$
Client Domain: MyDomain
Client Logon ID: (0x0,0x21A8FEEF)
Accesses: Write Self

Properties:
---
Default property set
dnsRecord
dNSTombstoned
dnsNode

Additional Info:
Additional Info2:
Access Mask: 0x8
"Claude Lachapelle" wrote:

> Since we upgraded our schema to R2, we have this failure audit message on all
> DCs security logs. I found that we could disable it by modifying a special
> schema attribute, but does anything else will be affected?
>
> Event Type: Failure Audit
> Event Source: Security
> Event Category: Directory Service Access
> Event ID: 566
> Date: 26/09/2007
> Time: 9:33:25 AM
> User: DOMAIN\xyz$
> Computer: DC01
> Description:
> Object Operation:
> Object Server: DS
> Operation Type: Object Access
> Object Type: user
> Object Name: CN=xyz_user,OU=Users,OU=Resources,DC=domain,DC=com
> Handle ID: -
> Primary User Name: DC01$
> Primary Domain: DOMAIN
> Primary Logon ID: (0x0,0x3E7)
> Client User Name: xyz$
> Client Domain: DOMAIN
> Client Logon ID: (0x0,0x8E9E6D5E)
> Accesses: Control Access
>
> Properties:
> ---
> Default property set
> unixUserPassword
> user
>
> Additional Info:
> Additional Info2:
> Access Mask: 0x100
>
> Thanks.
>
> Claude Lachapelle
> System Administrators, MCSE
 
You must log in or register to reply here.

Similar threads

P
What is the difference of the successful run of the same app but one works other does not work - File share Event viewer
Replies
0
Views
39
PZac-CAN
P
S
I am getting excessive User Account Management Event ID 5379 on startup
Replies
0
Views
54
stephencadams
S
A
Security Log Failure Event ID 4771 Kerberos pre-authentication failed. Mapped Drives not working
Replies
0
Views
115
AllquestionsNoAnswers
A
J
Event Id 4724 - where to find Access Denied attempts
Replies
0
Views
140
Jeffrey Hyson (Thycotic)
J
B
  • Article
Releasing Windows 11 Build 22000.588 to Beta and Release Preview Channels
Replies
0
Views
265
Brandon LeBlanc
B
Back
Top Bottom