Event 560 When Opening a Read-Only File for Read Access

Last reviewed: November 10, 1997
Article ID: Q130487
3.50 WINDOWS kbother kbbug3.50

The information in this article applies to:

  • Microsoft Windows NT Workstation version 3.5
  • Microsoft Windows NT Server version 3.5

SYMPTOMS

If a file has only read and execute permissions, event 560 (Audit Failure) may be written to the security log when the file is opened for read access. For this symptom to occur, auditing for file write failure must be enabled.

STATUS

Microsoft has confirmed this to be a problem in Windows NT version 3.5. A fix to this problem is in development, but has not been regression-tested and may be destabilizing in production environments. Microsoft does not recommend implementing this fix at this time. Contact Microsoft Product Support Services for more information on the availability of this fix. receive


KBCategory: kbother kbbug3.50
KBSubcategory: ntfilesys
Additional reference words: 3.50 prodnt
Keywords : ntfilesys kbbug3.50 kbother
Version : 3.50
Platform : WINDOWS


THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

Last reviewed: November 10, 1997
© 1998 Microsoft Corporation. All rights reserved. Terms of Use.