the security log on this system is full only admin can login to fix

Posted on 2010-09-04
Last Modified: 2012-05-10
Was there an update that I missed?  Recently I have been bombarded with this error and have to clear/reset the Security Log via Active Directory.

I dont see any recent updates or changes on these pc's  So far it s effecting WinXP boxes not Win7.

Any ideas?

Question by:mebibyte
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2

Expert Comment

ID: 33605311
are your win xp machines set up for some kind of audit logging like windows xp firewall or any other or is it the security log of the server that is getting full?

Accepted Solution

GridLock137 earned 500 total points
ID: 33605323
also on the system you are getting the message on check the follwoing:

right click on my computer> select manage> open even viewer> drill down to security log> right click and select property and under the general and filter tabs check your settings and how often you are auditing these events and also check the filters being used. there might be a domain policy set for your xp machines on the server that may be applied for these machines alone. give that a shot.

Expert Comment

ID: 33605389
I had the same prob a few months ago I used this MS kb.
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 33605441
By default these pc's are set to Max Log = 512KB  | Overwrite events older than 7 days  |  Filters: Info, Warnings, Error, Success and Failure Audit.

I have to change the settings to Overwrite events as needed then it goes away.


Expert Comment

ID: 33605463
if this is one machine you could have something happening on there that could be causing the log to fill up prior to the 7 days, check the logs and see what is happening, if you have audits pointing out login failures then maybe depending on the role of this machine, something could be trying to auhtenticate to that machine for some type of service, aslo what has changed recently on this machine?

Expert Comment

ID: 33605476
you can also try this:


Expert Comment

ID: 33605800
If all the log entries look legit then I would increase the max log size so it can accommodate 7- 8 days worth of logs.

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question