Security Log Failure Audits
Recieving multiple instances per day of these failure audits in the security logs on every computer on my domain.
EVENT ID 577 FAILURE
Catagory: Privelege Use
Privileged object operation:
Object Server: Security
Object Handle: 4294967295
Process ID: 168
Primary User Name: *USERNAME*$
Primary Domain: *DOMAIN*
Primary Logon ID: (0x0,0x3E7)
Client User Name: *USERNAME*
Client Domain: *DOMAIN*
Client Logon ID: (0x0,0x427FE10)
Privileges:SeIncreaseBasePriorityPrivilege
EVENT ID 578 FAILURE
Catagory: Privelege Use
Privileged Service Called:
Server: Security
Service: –
Primary User Name: *USERNAME*
Primary Domain: *DOMAIN*
Primary Logon ID: (0x0,0x194414)
Client User Name: –
Client Domain: –
Client Logon ID: –
Privileges: SeIncreaseBasePriorityPrivilege
are they safe to ignore or turn off failure logging?
Also getting alot of
EVENT ID 643 SUCCESS
Catagory: Account Management
Domain Policy Changed: Password Policy modified
Domain: *COMPUTERNAME*
Domain ID: *COMPUTERNAME*\
Caller User Name: *COMPUTERNAME*$
Caller Domain: *DOMAIN*
Caller Logon ID: (0x0,0x3E7)
Privileges: –
Any explanations would be appreciated