Resetting Password on Domain Controller May Cause Incorrect Audit in Security Event Log (263190)
The information in this article applies to:
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Professional
This article was previously published under Q263190 SYMPTOMS
When you reset a password on domain controllers with certain password policy restrictions, an erroneous audit is logged in the Security event log.
For example, if a domain controller is configured with a policy that requires a password history, an administrator changes a user password, and then changes the password back to its previous value, a "failure" event is logged; however, the password is changed back to its previous value.
CAUSE
The problem is caused by a logic error in the code that is called when a user modifies a password.
RESOLUTION
A supported fix that corrects this problem is now available from Microsoft. Please check the RESOLUTION section of the following Knowledge Base article
for information about the fix.
267556 Auditing Does Not Report Security Event for Resetting Password
STATUSMicrosoft has confirmed that this is a problem in Microsoft Windows 2000.
Modification Type: | Major | Last Reviewed: | 11/13/2003 |
---|
Keywords: | kbbug kbfix kbQFE kbWin2000PreSP2Fix KB263190 |
---|
|