Logon Rights Are Not Audited

 Last reviewed: May 20, 1997
Article ID: Q166478
The information in this article applies to:
  • Microsoft Windows NT Workstation versions 3.51 and 4.0
  • Microsoft Windows NT Server versions 3.51 and 4.0

SYMPTOMS

Windows NT can audit when a user or group is added to or removed from a User Right. To audit these types of actions, in User Manager, on the Policies menu, click Audit. In Audit Policy, click Audit These Events and select Security Policy Changes. This is the only audit category needed to audit these specific actions. However, the following rights do not show up in the Security log when Security Policy Changes are being audited. Changes to other rights were successfully audited.

The following rights are not audited:

  • Access this computer from network
  • Log on as a service
  • Log on as a batch job
  • Log on locally

CAUSE

There was no associated code to log these events.

STATUS

Microsoft has confirmed this to be a problem in Windows NT version 3.51 and 4.0. This problem was corrected in the latest Microsoft Windows NT 4.0 U.S. Service Pack. For information on obtaining the service pack, query on the following word in the Microsoft Knowledge Base (without the spaces): 

   S E R V P A C K

Additional query words: prodnt
Keywords : kbbug4.00 kbfix4.00 kbfix4.00.sp2 ntsecurity NTSrvWkst kbenv kbbuglist kbfixlist
Version : 3.51 4.0
Platform : winnt
Issue type : kbbug
Solution Type : kbservicepack

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

Last reviewed: May 20, 1997
© 1998 Microsoft Corporation. All rights reserved. Terms of Use.