Logon Rights Are Not Audited (166478)
The information in this article applies to:
- Microsoft Windows NT Workstation 3.51
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows NT Server 3.51
- Microsoft Windows NT Server 4.0
This article was previously published under Q166478 SYMPTOMS
Windows NT can audit when a user or group is added to or removed from a
User Right. To audit these types of actions, in User Manager, on the
Policies menu, click Audit. In Audit Policy, click Audit These Events and
select Security Policy Changes. This is the only audit category needed to
audit these specific actions. However, the following rights do not show up
in the Security log when Security Policy Changes are being audited. Changes
to other rights were successfully audited.
The following rights are not audited:
- Access this computer from network
- Log on as a service
- Log on as a batch job
- Log on locally
CAUSE
There was no associated code to log these events.
STATUS
Microsoft has confirmed this to be a problem in Windows NT version 3.51 and
4.0.
This problem was corrected in the latest Microsoft Windows NT 4.0 U.S. Service
Pack. For information on obtaining the service pack, query on the following word
in the Microsoft Knowledge Base (without the spaces):
Modification Type: | Major | Last Reviewed: | 7/24/2002 |
---|
Keywords: | kbbug kbenv KB166478 |
---|
|