Export (0) Print
Expand All
Expand Minimize

Event Message:

Security Enabled Global Group Member Added:%n\r\n%tMember Name:%t%1%n\r\n%tMember ID:%t%2%n\r\n%tTarget Account Name:%t%3%n\r\n%tTarget Domain:%t%4%n\r\n%tTarget Account ID:%t%5%n\r\n%tCaller User Name:%t%6%n\r\n%tCaller Domain:%t%7%n\r\n%tCaller Logon ID:%t%8%n\r\n%tPrivileges:%t%9%n\r\n

Source

Event Log

Event ID

Event Type

Security

Security

632

Success Audit

Explanation:

This audit record indicates that a new member has been added to a global group. This event also occurs when a user account is created and added to the built-in None group used internally by Windows 2000. There is no Failure Audit form of this audit event record. Adding members to groups can have security implications. This is especially true when a user is added to the Administrator group.

User Action:

Check to see who is being added to groups that have security implications. Make sure that users added to security-sensitive groups really belong in the group.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft