| Can anyway help with the problem i raised early on today?
|
| Thanks
|
A Windows 2000 client may generate the following event at periodic
intervals, even
though the password policy of the system has not been changed:
Event ID: 643
Type: Success Audit
Description: Domain Policy Changed:
Domain: %1 Domain ID: %2
Caller User Name: %3 Caller Domain: %4
Caller Logon ID: %5 Privileges: %6
Cause:
======
It details how "Password Policy Change" (event 643) does not distinguish
between
policy refresh and actual password policy change. Thus, each time that a
client or
server refreshes their local security policy (5 minutes for Active
Directory domain
clients or 16 hours for NT 4.0 domain clients), the audit event 643 occurs.
Resolution:
=========
This behavior is by design and is not indicating a problem with security or
auditing. This audit event can be safely ignored. In the event that there
is no
associated Event 1704 in the application event log for a 643 event, then
this may
very well be because of a password policy change.
Chad A. Lacy
Windows 2000 Directory Services
==================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================
This posting is provided "AS IS" with no warranties, and confers no rights.
