暂时无法在支持网站上提交享有定期维护的产品表单。 如果您需要我们立即提供帮助,请与技术支持部门联系。 对于由此给您带来的不便,我们深表歉意。
获得即时帮助
完成注册
登录
请求定价
联系销售人员
您已选择一个产品捆绑包。 您能否选择单个产品以便我们更好地满足您的请求。 *
技术支持工程师目前正忙,无法回应您的消息。 如果需要即时服务,请通过我们的服务请求表提交请求。
以下文章可根据您的描述解决您的问题。
Information about login and log out activity is important for regulatory compliance and user activity tracking. There are two auditing modules provided to allow you to collect this important activity:
This guide lists the events captured by these two Change Auditor for Logon Activity auditing modules. Separate event reference guides are available that list the core Change Auditor events (when any Change Auditor license is applied) and the events captured when the different auditing modules are licensed.
This section lists the audited events captured by the two Change Auditor for Logon Activity auditing modules. They are listed in alphabetical order by facility:
Domain - Group Policy:
Workgroup - Local Group Policy:
User failed to log on interactively
Created when a user failed to log on interactively to a computer.
Windows Event equivalent: 529/4625
Medium
User failed to log on interactively from a remote computer
Created when a user failed to log on interactively from a remote computer.
Windows Event: 529/4625
User failed to perform a network logon from a remote computer
Created when a user failed to log on from a remote computer on the network. (Disabled by default)
User logged on interactively
Created when a user successfully logged on interactively to a computer.
Windows Event equivalent: 528/4624
User logged on interactively from a remote computer
Created when a user successfully logged on interactively from a remote computer.
User performed a successful network logon from a remote computer
Crated when a user successfully logged on from a remote computer on the network. (Disabled by default)
Windows Event equivalent: 540/4624
User performed a successful NTLM V1 logon
Created when a user successfully logged into server through NTLM V1. (Disabled by default)
User performed a successful NTLM V2 logon
Created when a user successfully logged into server through NTLM V2. (Disabled by default)
Low
Kerberos user ticket that exceeds the maximum ticket lifetime detected
A Kerberos user ticket can be used to verify your identity and gain access to specific resources or services in your domain. A golden ticket is a forged Kerberos ticket.
An attack using a golden ticket is extremely dangerous due to the forged identity, elevated access it allows, and because it can be reused over its lifetime (10 years by default).
This event is created when the Kerberos Ticket Lifetime value in agent configuration is exceeded indicating a possible golden ticket attack.
High
User authenticated through Kerberos
Created when a user successfully authenticated to a domain controller using Kerberos authentication. (Disabled by default)
User failed to authenticate through Kerberos
Created when a user failed to authenticate to a domain controller using Kerberos authentication.
User authenticated through NTLM
Created when a user successfully authenticated to a domain controller using NTLM authentication. (Disabled by default)
User failed to authenticate through NTLM
Created when a user failed to authenticate to a domain controller using NTLM authentication.
您可以在附属支持站点上查找适用于戴尔*产品*的在线支持帮助。单击“继续”,转至适用于*产品*的正确支持内容和帮助。
The document was helpful.
选择评级
I easily found the information I needed.
© ALL RIGHTS RESERVED. Feedback 使用条款 隐私 Cookie Preference Center
Quest Software门户不再支持IE 8、9和10,建议将您的浏览器升级到最新版本的Internet Explorer或Chrome。
要升级到IE 11,请单击此处
要升级到Chrome,请单击此处
如果继续使用IE 8、9和10,您将无法充分利用我们所有出色的自助服务功能。