|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Event ID 560all of a sudden, my symantec reporting server isn't recieving updates. Event Type: Failure Audit Event Source: Security Event Category: Object Access Event ID: 560 Date: 9/28/2006 Time: 5:07:23 PM User: Server01\IUSR_Server01 Computer: Server01 Description: Object Open: Object Server: Security Object Type: Key Object Name: \REGISTRY\MACHINE\SOFTWARE\Description\Microsoft\Rpc\UuidTemporaryData Handle ID: - Operation ID: {0,128529722} Process ID: 3696 Image File Name: C:\Program Files\Symantec\Reporting Server\Php\php-cgi.exe Primary User Name: IUSR_Server01 Primary Domain: W31SVISSC01 Primary Logon ID: (0x0,0x39864) Client User Name: - Client Domain: - Client Logon ID: - Accesses: Query key value Set key value Privileges: - Restricted Sid Count: 0 Access Mask: 0x3 For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Some capability of C:\Program Files\Symantec\Reporting
Server\Php\php-cgi.exe running in the context of the account Server01\IUSR_Server01 is attempting to modigy reg at HKLM\\SOFTWARE\Description\Microsoft\Rpc\UuidTemporaryData but has insufficient permissions to do so. Perhaps it is also denied read there. But rather I am leaning toward it trying to modify something that is not there. I. E. the reg key path is rather unusual with the \Description\ part in it. Show quoteHide quote "Kevin Wheeler" <KevinWhee***@discussions.microsoft.com> wrote in message news:5B0B1825-356B-4E26-AA18-D8CC3256E3BA@microsoft.com... > Can anyone tell me why I'm getting the following error in my security log. > all of a sudden, my symantec reporting server isn't recieving updates. > > Event Type: Failure Audit > Event Source: Security > Event Category: Object Access > Event ID: 560 > Date: 9/28/2006 > Time: 5:07:23 PM > User: Server01\IUSR_Server01 > Computer: Server01 > Description: > Object Open: > Object Server: Security > Object Type: Key > Object > Name: > \REGISTRY\MACHINE\SOFTWARE\Description\Microsoft\Rpc\UuidTemporaryData > Handle ID: - > Operation ID: {0,128529722} > Process ID: 3696 > Image File Name: C:\Program Files\Symantec\Reporting > Server\Php\php-cgi.exe > Primary User Name: IUSR_Server01 > Primary Domain: W31SVISSC01 > Primary Logon ID: (0x0,0x39864) > Client User Name: - > Client Domain: - > Client Logon ID: - > Accesses: Query key value > Set key value > > Privileges: - > Restricted Sid Count: 0 > Access Mask: 0x3 > > > For more information, see Help and Support Center at > http://go.microsoft.com/fwlink/events.asp. > 
Other interesting topics
FTP maximum password attempts
Implications of a SSL site as a virtual directory rather than a root website? SSL entire web site IIS 6 and Anonymous on Windows Server 2003 Internet Access on an SBS 2003 Install Allow anonymous access between times Certificate Service Button Strange CN (Common Name) format with \x00 ... pb with application pools Export Security Cert |
|||||||||||||||||||||||
