Events for authorization roles are not logged in the security log when you configure auditing for Windows 2000 Authorization Manager Runtime (821887)


The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server

SYMPTOMS

If you configure auditing for Windows 2000 Authorization Manager Runtime in Microsoft Windows 2000, security-related events for authorization roles are not logged in the security event log.

CAUSE

This problem occurs because events that are used by authorization roles are not registered in the Local Security Authority (LSA). Therefore, events are not generated by authorization roles for the security event log.

RESOLUTION

Hotfix Information

To resolve this problem, install the "Update for Microsoft Windows 2000: KB821887" hotfix (Windows2000-KB821887-x86-ENU.exe).

The following file is available for download from the Microsoft Download Center:

DownloadDownload the Windows2000-KB821887-x86-ENU.exe package now.
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to Obtain Microsoft Support Files from Online Services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.

Prerequisites

This hotfix requires Windows 2000 Service Pack 4 (SP4).

Restart requirement

You must restart your computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace any other hotfixes.

File information

The English version of this hotfix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.

Date         Time   Version         Size    File name
------------------------------------------------------
28-May-2003  20:38  5.0.2195.6749   55,056  Authz.dll        
28-May-2003  20:39  5.0.2195.6749  509,712  Lsasrv.dll

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section of this article.

MORE INFORMATION

Windows 2000 Authorization Manager Runtime provides a framework for integrating role-based access control into applications. It allows administrators who use those applications to provide access through assigned user roles that relate to job functions. Windows 2000 Authorization Manager Runtime applications store authorization policy in Active Directory directory service or in XML files in the form of authorization stores that apply authorization policy at runtime.

For more information about the "Update for Microsoft Windows 2000: KB821887" hotfix, visit the following Microsoft Web site:

http://www.microsoft.com/downloads/details.aspx?amp;displaylang=en&familyid=5904957D-D42B-40FB-B7F6-8E53444C45A3&displaylang=en


For additional information about how to obtain the latest service pack for Windows 2000, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to obtain the latest Windows 2000 service pack

For additional information about how hotfix packages are named, click the following article number to view the article in the Microsoft Knowledge Base:

816915 New naming schema for Microsoft Windows hotfix packages

Modification Type:MinorLast Reviewed:10/28/2005
Keywords:kbHotfixServer kbQFE kbdownload kbBug kbfix kbQFE kbWin2000preSP5fix KB821887 kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.