Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

the security log on this system is full only admin can login to fix

Posted on 2010-09-04
7
Medium Priority
?
552 Views
Last Modified: 2012-05-10
Was there an update that I missed?  Recently I have been bombarded with this error and have to clear/reset the Security Log via Active Directory.

I dont see any recent updates or changes on these pc's  So far it s effecting WinXP boxes not Win7.

Any ideas?



 
0
Comment
Question by:mebibyte
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 7

Expert Comment

by:GridLock137
ID: 33605311
are your win xp machines set up for some kind of audit logging like windows xp firewall or any other or is it the security log of the server that is getting full?
0
 
LVL 7

Accepted Solution

by:
GridLock137 earned 2000 total points
ID: 33605323
also on the system you are getting the message on check the follwoing:

right click on my computer> select manage> open even viewer> drill down to security log> right click and select property and under the general and filter tabs check your settings and how often you are auditing these events and also check the filters being used. there might be a domain policy set for your xp machines on the server that may be applied for these machines alone. give that a shot.
0
 
LVL 5

Expert Comment

by:EnriquePhoenix
ID: 33605389
I had the same prob a few months ago I used this MS kb.
http://support.microsoft.com/kb/867860
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:mebibyte
ID: 33605441
By default these pc's are set to Max Log = 512KB  | Overwrite events older than 7 days  |  Filters: Info, Warnings, Error, Success and Failure Audit.

I have to change the settings to Overwrite events as needed then it goes away.

0
 
LVL 7

Expert Comment

by:GridLock137
ID: 33605463
if this is one machine you could have something happening on there that could be causing the log to fill up prior to the 7 days, check the logs and see what is happening, if you have audits pointing out login failures then maybe depending on the role of this machine, something could be trying to auhtenticate to that machine for some type of service, aslo what has changed recently on this machine?
0
 
LVL 7

Expert Comment

by:GridLock137
ID: 33605476
you can also try this:  http://support.microsoft.com/kb/308427

0
 
LVL 5

Expert Comment

by:EnriquePhoenix
ID: 33605800
If all the log entries look legit then I would increase the max log size so it can accommodate 7- 8 days worth of logs.
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question