Tom's Hardware > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > What does this winlogon.log message mean?!

What does this winlogon.log message mean?!

Forum Windows 2000/NT : Windows 2000/NT General Discussion - What does this winlogon.log message mean?!

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!

Ask the community Add a reply

Bottom Search this thread

Archived from groups: microsoft.public.win2000.security (More info?)

I found the following in winlogon.log and I'm a bit worried. Any idea what
it means?

Invoke Registry Value Delay Filter.
Analyze machine\software\microsoft\windows
nt\currentversion\setup\recoveryconsole\securitylevel.
Analyze machine\software\microsoft\windows
nt\currentversion\setup\recoveryconsole\setcommand.
Analyze machine\software\microsoft\windows
nt\currentversion\winlogon\allocatecdroms.
Analyze machine\software\microsoft\windows
nt\currentversion\winlogon\allocatedasd.
Analyze machine\software\microsoft\windows
nt\currentversion\winlogon\allocatefloppies.
Analyze machine\software\microsoft\windows
nt\currentversion\winlogon\cachedlogonscount.
Analyze machine\software\microsoft\windows
nt\currentversion\winlogon\passwordexpirywarning.
Analyze machine\software\microsoft\windows
nt\currentversion\winlogon\scremoveoption.
Analyze
machine\software\microsoft\windows\currentversion\policies\system\disablecad
..
Analyze
machine\software\microsoft\windows\currentversion\policies\system\dontdispla
ylastusername.
Analyze
machine\software\microsoft\windows\currentversion\policies\system\legalnotic
ecaption.
Analyze
machine\software\microsoft\windows\currentversion\policies\system\legalnotic
etext.
Analyze
machine\software\microsoft\windows\currentversion\policies\system\shutdownwi
thoutlogon.
Analyze machine\system\currentcontrolset\control\lsa\auditbaseobjects.
Analyze machine\system\currentcontrolset\control\lsa\crashonauditfail.
Analyze machine\system\currentcontrolset\control\lsa\fullprivilegeauditing.
Analyze machine\system\currentcontrolset\control\lsa\lmcompatibilitylevel.
Analyze machine\system\currentcontrolset\control\lsa\restrictanonymous.
Analyze machine\system\currentcontrolset\control\print\providers\lanman
print services\servers\addprinterdrivers.
Analyze machine\system\currentcontrolset\control\session manager\memory
management\clearpagefileatshutdown.
Analyze machine\system\currentcontrolset\control\session
manager\protectionmode.
Analyze
machine\system\currentcontrolset\services\lanmanserver\parameters\autodiscon
nect.
Analyze
machine\system\currentcontrolset\services\lanmanserver\parameters\enableforc
edlogoff.
Analyze
machine\system\currentcontrolset\services\lanmanserver\parameters\enablesecu
ritysignature.
Analyze
machine\system\currentcontrolset\services\lanmanserver\parameters\requiresec
uritysignature.
Analyze
machine\system\currentcontrolset\services\lanmanworkstation\parameters\enabl
eplaintextpassword.
Analyze
machine\system\currentcontrolset\services\lanmanworkstation\parameters\enabl
esecuritysignature.
Analyze
machine\system\currentcontrolset\services\lanmanworkstation\parameters\requi
resecuritysignature.
Analyze
machine\system\currentcontrolset\services\netlogon\parameters\disablepasswor
dchange.
Analyze
machine\system\currentcontrolset\services\netlogon\parameters\requiresignors
eal.
Analyze
machine\system\currentcontrolset\services\netlogon\parameters\requirestrongk
ey.
Analyze
machine\system\currentcontrolset\services\netlogon\parameters\sealsecurechan
nel.
Analyze
machine\system\currentcontrolset\services\netlogon\parameters\signsecurechan
nel.
Analyze MACHINE\System\CurrentControlSet\Control\Lsa\SubmitControl.
Analyze MACHINE\Software\Microsoft\Non-Driver Signing\Policy.
Analyze MACHINE\Software\Microsoft\Driver Signing\Policy.
Copy local policy.
----Configuration engine is initialized successfully.----

----Reading Configuration template info...

----Configure User Rights...
Configure S-1-6-32-545.
Configure S-1-6-32-542.
Configure S-1-6-21-1933862763-1390167357-839552115-1002.
Configure S-1-6-21-1933862763-1390167357-839552115-1001.
Configure S-1-6-32-548.
Configure S-1-6-32-546.
Configure S-1-1-1.
Configure S-1-6-7.
Configure S-1-6-21-1933862763-1390167357-839552115-501.
Configure S-1-6-21-1933862763-1390167357-839552115-1000.

User Rights configuration completed successfully.

Add a reply

Archived from groups: microsoft.public.win2000.security (More info?)

This is the logging the scecli.dll component does when applying security
policy to the computer.
The configure user rights is perfrectly normal.

I haven't seen the "analyze" entries before.
I suspect someone ran the "security configuration and analysis" wizard to
analyze the security policies on the computer.

Doesn't appear to be anything of concern to me.

Incidently, this log file is helpful when troubleshooting security policy
application.

Glenn L

"Robert Paris" <rpjava@hotmail.com> wrote in message
news:%23roHEgfwEHA.3620@TK2MSFTNGP09.phx.gbl...
>I found the following in winlogon.log and I'm a bit worried. Any idea what
> it means?
>
> Invoke Registry Value Delay Filter.
> Analyze machine\software\microsoft\windows
> nt\currentversion\setup\recoveryconsole\securitylevel.
> Analyze machine\software\microsoft\windows
> nt\currentversion\setup\recoveryconsole\setcommand.
> Analyze machine\software\microsoft\windows
> nt\currentversion\winlogon\allocatecdroms.
> Analyze machine\software\microsoft\windows
> nt\currentversion\winlogon\allocatedasd.
> Analyze machine\software\microsoft\windows
> nt\currentversion\winlogon\allocatefloppies.
> Analyze machine\software\microsoft\windows
> nt\currentversion\winlogon\cachedlogonscount.
> Analyze machine\software\microsoft\windows
> nt\currentversion\winlogon\passwordexpirywarning.
> Analyze machine\software\microsoft\windows
> nt\currentversion\winlogon\scremoveoption.
> Analyze
> machine\software\microsoft\windows\currentversion\policies\system\disablecad
> .
> Analyze
> machine\software\microsoft\windows\currentversion\policies\system\dontdispla
> ylastusername.
> Analyze
> machine\software\microsoft\windows\currentversion\policies\system\legalnotic
> ecaption.
> Analyze
> machine\software\microsoft\windows\currentversion\policies\system\legalnotic
> etext.
> Analyze
> machine\software\microsoft\windows\currentversion\policies\system\shutdownwi
> thoutlogon.
> Analyze machine\system\currentcontrolset\control\lsa\auditbaseobjects.
> Analyze machine\system\currentcontrolset\control\lsa\crashonauditfail.
> Analyze
> machine\system\currentcontrolset\control\lsa\fullprivilegeauditing.
> Analyze machine\system\currentcontrolset\control\lsa\lmcompatibilitylevel.
> Analyze machine\system\currentcontrolset\control\lsa\restrictanonymous.
> Analyze machine\system\currentcontrolset\control\print\providers\lanman
> print services\servers\addprinterdrivers.
> Analyze machine\system\currentcontrolset\control\session manager\memory
> management\clearpagefileatshutdown.
> Analyze machine\system\currentcontrolset\control\session
> manager\protectionmode.
> Analyze
> machine\system\currentcontrolset\services\lanmanserver\parameters\autodiscon
> nect.
> Analyze
> machine\system\currentcontrolset\services\lanmanserver\parameters\enableforc
> edlogoff.
> Analyze
> machine\system\currentcontrolset\services\lanmanserver\parameters\enablesecu
> ritysignature.
> Analyze
> machine\system\currentcontrolset\services\lanmanserver\parameters\requiresec
> uritysignature.
> Analyze
> machine\system\currentcontrolset\services\lanmanworkstation\parameters\enabl
> eplaintextpassword.
> Analyze
> machine\system\currentcontrolset\services\lanmanworkstation\parameters\enabl
> esecuritysignature.
> Analyze
> machine\system\currentcontrolset\services\lanmanworkstation\parameters\requi
> resecuritysignature.
> Analyze
> machine\system\currentcontrolset\services\netlogon\parameters\disablepasswor
> dchange.
> Analyze
> machine\system\currentcontrolset\services\netlogon\parameters\requiresignors
> eal.
> Analyze
> machine\system\currentcontrolset\services\netlogon\parameters\requirestrongk
> ey.
> Analyze
> machine\system\currentcontrolset\services\netlogon\parameters\sealsecurechan
> nel.
> Analyze
> machine\system\currentcontrolset\services\netlogon\parameters\signsecurechan
> nel.
> Analyze MACHINE\System\CurrentControlSet\Control\Lsa\SubmitControl.
> Analyze MACHINE\Software\Microsoft\Non-Driver Signing\Policy.
> Analyze MACHINE\Software\Microsoft\Driver Signing\Policy.
> Copy local policy.
> ----Configuration engine is initialized successfully.----
>
> ----Reading Configuration template info...
>
>
> ----Configure User Rights...
> Configure S-1-6-32-545.
> Configure S-1-6-32-542.
> Configure S-1-6-21-1933862763-1390167357-839552115-1002.
> Configure S-1-6-21-1933862763-1390167357-839552115-1001.
> Configure S-1-6-32-548.
> Configure S-1-6-32-546.
> Configure S-1-1-1.
> Configure S-1-6-7.
> Configure S-1-6-21-1933862763-1390167357-839552115-501.
> Configure S-1-6-21-1933862763-1390167357-839552115-1000.
>
> User Rights configuration completed successfully.
>
>

Reply to Anonymous

Ask the community Add a reply

Tom's Hardware > Forum > Windows 2000/NT > Windows 2000/NT General Discussion > What does this winlogon.log message mean?!

Go to:

Help |
Forum rules

There are 569 identified and unidentified users. To see the list of identified users, Click here.

Page generated in 0.751 seconds

Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel

Focus On

What does this winlogon.log message mean?!

Forum Windows 2000/NT : Windows 2000/NT General Discussion - What does this winlogon.log message mean?!

Please mind