Security Configuration
Applies To: Windows Server 2008 R2
The Security Accounts Manager (SAM) is a service that is used during the logon process. The SAM maintains user account information, including groups to which a user belongs. The SAM is attempting to secure the computer accounts by removing the default Full Control permissions, which are assigned to the Builtin Account Operators group, from the access control entry (ACE) of a computer account.
Events
| Event ID | Source | Message |
|---|---|---|
SAM |
Failed to secure the machine account %1. Have an administrator remove full control for the builtin\account operators access control entry from the security descriptor of this object. | |
SAM |
Failed to secure the machine account %1. This operation will be retried. Have an administrator verify that full control was removed for the builtin\account operators access control entry for the security descriptor of this object. | |
SAM |
Secured the computer account %1. Full control was removed for the builtin\account operators acess control entry for the security descriptor of this object. |