Solved

Event Viewer ID Question

Posted on 2011-02-12
1
446 Views
Last Modified: 2012-05-11
I am studying for my MCITP 70-622 and have a quick question on event ID's.  

The text says that when an event begins it is assigned a number for example

4000 for user start up.  Got that

Then it says that when the event completes it will have an event id that is exactly 4000 higher so Event ID 8000 would have a description of "completed computer boot policy...."  I understand that.

The problem is that in the very next line it says for events 5000-5299 indicate group policy processing has completed successfully....these events will always have an event id 1000 heigher than the corresponding scenario start event

That is exactly what they said about the 8000-8299 range.  

What is the difference between the 8000-8299 and 5000-5299 range?
Is one for the computer group policy configuration and one for user group policy configuration because the book doesn't make that distinction?

Any help would be much appreciated.  Thanks

Aaron
0
Comment
Question by:AJJ36
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 18

Accepted Solution

by:
Jerry Miller earned 500 total points
ID: 34879178
Here is a link that explains the events that correspond to particular event ids:

http://technet.microsoft.com/en-us/library/cc749336%28WS.10%29.aspx

The difference is that some are events for Group Policy (4000–4007) and some are events for components of Group Policy (4016–4299, 500-5029).
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question