?
Solved

Failure Audit 530 with Force Logoff in GP

Posted on 2007-03-20
6
Medium Priority
?
314 Views
Last Modified: 2013-12-04
I have an account logon time restriction violation in my security event log. I have in place a group policy that will log the user off if they are logged in within the time resriction. The event ID is 530 under security as the source. I have read that if the user is logged into outlook when they are forced log off then this may cause the event in the security log. It happens multiple time a minute per user that has the failure audit. Im not sure if that is what's causing my failure audits, but let me know what you all think.
0
Comment
Question by:compguy101101
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
6 Comments
 
LVL 13

Expert Comment

by:strongline
ID: 18757744
yes that is correct. 530 will be generated only when time restriction is violated.
0
 

Author Comment

by:compguy101101
ID: 18758649
Well I am still trying to figure out what to change so that I don't receive the 530 error. If you have an idea on that it would be helpful. I want to force the log off of the user which I already have set. But it does not seem to work or either because they are in Outlook they are forced to logg off so it see's them as logged in.
0
 
LVL 13

Accepted Solution

by:
strongline earned 2000 total points
ID: 18758876
then you have to disable the account logon auditing completely, which is probably not what you want.

account logon auditing setting can be changed in Default Domain *Controller* Policy.
0
 

Author Comment

by:compguy101101
ID: 18759415
Yes that is not what I want to do. I want to make it to where when the user is forced to log off then Everything is closed, their profile is logged off completely and I don't receive the 530 error.
0
 
LVL 1

Expert Comment

by:Computer101
ID: 20286946
Forced accept.

Computer101
EE Admin
0

Featured Post

Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question