Sometimes when we don't know what's going wrong with the computer, we might see an error report. If we can help us quickly identify the security events generated by the Microsoft? Windows Server 2003 operating system based on the ID below, it means What happened?
I. Account Login Event
The following shows the security events generated by the “Auditing Account Login Event&Security; security template settings.
672: The authentication service (AS) ticket has been successfully issued and verified.
673: The Authorized Ticket Service (TGS) ticket is authorized. TGS is a ticket issued by the Kerberos v5 Ticket Authorization Service (TGS) that allows users to authenticate specific services in the domain.
674: The security principal has updated the AS ticket or TGS ticket.
675: Pre-authentication failed. The Key Distribution Center (KDC) generates this event when the user types the wrong password.
676: The authentication ticket request failed. This event is not generated in members of the Windows XP Professional or Windows Server family.
677: The TGS ticket is not authorized. This event is not generated in members of the Windows XP Professional or Windows Server family.
678: The account has been successfully mapped to a domain account.
681: Login failed. Try a domain account login. This event is not generated in members of the Windows XP Professional or Windows Server family.
682: The user has reconnected to a disconnected terminal server session.
683: The user disconnects the terminal server session without logging out.
Second, Account Management Events
The following shows the security events generated by the "Audit Account Management" security template settings.
624: User account has been created.
627: User password has been changed.
628: The user password has been set.
630: User account has been deleted.
631: The global group has been created.
632: Members have been added to the global group.
633: The member has been removed from the global group.
634: The global group has been deleted.
635: A new local group has been created.
636: Members have been added to the local group.
637: The member has been removed from the local group.
638: The local group has been deleted.
639: The local group account has been changed.
641: The global group account has been changed.
642: User account has been changed.
643: The domain policy has been modified.
644: User accounts are automatically locked.
645: The computer account has been created.
646: The computer account has been changed.
647: The computer account has been deleted.
648: Disabled security local security group has been created.
In large enterprises, if the AD in Win2003 disappears unwarrantedly, I believe many people will defi
We will consider the life and quality of the computer when buying a computer, so we will choose a be
Since upgrading the system to Win8.1, every time you turn on the Internet connection must be used tw
Since the Win2003 system is a server operating system, we always worry that other people can launch
Detailed explanation Win2003 NTFS partition can not access the problem
Win2003 Tip: Let the network load balancing strategy
How to improve permissions in win 2003?
Close the trick of Win2003 data protection function
How to know how much memory Win2003 serverner supports
Master quickly shut down Win2003 system has a trick
How to determine the correct installation of the network adapter in the win 2003 system?
Briefly introduce the configuration method of the web server
Win2003 system: Eliminate security risks
Win2003 Enterprise Edition can't open FSO solution
Extract Win2003 system startup group to expand installation requirements
Fun Win2003! Practical solution for remotely modifying the machine name
Microsoft official guide: Win8.1 preview upgrade /installation method
How to close the system message reminder for Win10 preview?
Win10 Preview 10074: Official Content Fix and Known Issues at a Glance
Win 7 adds commands to show hidden files into the right-click menu
Windows 10 system rearranges the program in the start menu (normal method does not work)
Windows7 Ultimate Activation Key Perpetual Edition
Tips for changing the Win8 taskbar to a two-line
WP8.1 Cortana version 1 comes with the official version
Win10 Mobile build 10586.242 to get started in advance
How to change the disk volume label in win10/win8.1/win7 system