| 0x1200 | Windows 正在启动。%n%n当 LSASS.EXE 启动且审核子系统进行初始化时,会记录此事件。 |
Windows is starting up.%n%nThis event is logged when LSASS.EXE starts and the auditing subsystem is initialized. |
| 0x1201 | Windows 正在关闭。%n此关机会终止所有登录会话。 |
Windows is shutting down.%nAll logon sessions will be terminated by this shutdown. |
| 0x1202 | 本地安全机构已加载身份验证数据包。%n此身份验证数据包将用于对登录尝试进行身份验证。%n%n身份验证数据包名称:%t%1 |
An authentication package has been loaded by the Local Security Authority.%nThis authentication package will be used to authenticate logon attempts.%n%nAuthentication Package Name:%t%1 |
| 0x1203 | 已经将一条受信任的登录进程注册到本地安全机构。%n将信任此登录进程提交登录请求。%n%n使用者:%n%t安全 ID:%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%4%n%n登录进程名:%t%t%5 |
A trusted logon process has been registered with the Local Security Authority.%nThis logon process will be trusted to submit logon requests.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nLogon Process Name:%t%t%5 |
| 0x1204 | 为审核消息排序而分配的内部资源已经用尽,这将导致某些审核的丢失。%n%n已丢弃的审核消息数:%t%1%n%n在审核队列已排满并且必须放弃事件时生成此事件。当安全事件生成速度比它们写入到磁盘的速度快时,或者当审核系统与事件日志失去连接时(例如事件日志服务停止时)很可能会发生此事件。 |
Internal resources allocated for the queuing of audit messages have been exhausted, leading to the loss of some audits.%n%nNumber of audit messages discarded:%t%1%n%nThis event is generated when audit queues are filled and events must be discarded. This most commonly occurs when security events are being generated faster than they are being written to disk, or when the auditing system loses connectivity to the event log, such as when the event log service is stopped. |
| 0x1206 | 安全帐户管理器已经加载通知数据包。%n任何帐户或密码的更改都会通知这个数据包。%n%n通知数据包名:%t%1 |
A notification package has been loaded by the Security Account Manager.%nThis package will be notified of any account or password changes.%n%nNotification Package Name:%t%1 |
| 0x1207 | 对 LPC 端口的无效使用。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n进程信息:%n%tPID:%t%t%t%7%n%t名称:%t%t%t%8%n%n无效使用:%t%t%5%n%nLPC 服务器端口名:%t%6%n%nWindows 本地安全机构(LSA)使用本地过程调用(LPC)端口与 Windows 内核进行通信。如果你发现此事件,则表明某个应用程序无意或有意地访问了此专门为 LSA 使用所保留的端口。应该调查该应用程序(进程)以确保其不会破坏此信道。 |
Invalid use of LPC port.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nProcess Information:%n%tPID:%t%t%t%7%n%tName:%t%t%t%8%n%nInvalid Use:%t%t%5%n%nLPC Server Port Name:%t%6%n%nWindows Local Security Authority (LSA) communicates with the Windows kernel using Local Procedure Call (LPC) ports. If you see this event, an application has inadvertently or intentionally accessed this port which is reserved exclusively for LSA's use. The application (process) should be investigated to ensure that it is not attempting to tamper with this communications channel. |
| 0x1208 | 更改了系统时间。%n%n使用者:%n%t安全 ID:%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%3%n%t登录 ID:%t%4%n%n进程信息:%n%t进程 ID:%t%7%n%t名称:%t%t%8%n%n以前的时间:%t%t%5%n新时间:%t%t%6%n%n当更改系统时间时会生成此事件。这对于 Windows 时间服务属正常情况,该服务以系统特权运行,定期更改系统时间。其他的系统时间更改意味着对计算机的破坏。 |
The system time was changed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nProcess Information:%n%tProcess ID:%t%7%n%tName:%t%t%8%n%nPrevious Time:%t%t%5%nNew Time:%t%t%6%n%nThis event is generated when the system time is changed. It is normal for the Windows Time Service, which runs with System privilege, to change the system time on a regular basis. Other system time changes may be indicative of attempts to tamper with the computer. |
| 0x120A | 发生受监视的事件类型。%n%n使用者:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%4%n%t帐户域:%t%t%5%n%t登录 ID:%t%t%6%n%n警报信息:%n%t计算机:%t%t%2%n%t事件 ID:%t%t%1%n%t事件数:%t%7%n%t持续时间:%t%t%8%n%n将 Windows 配置为根据一般准则安全审核分析要求(FAU_SAA)生成警报并发生可审核的事件类型时,生成此事件。 |
A monitored security event pattern has occurred.%n%nSubject:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%4%n%tAccount Domain:%t%t%5%n%tLogon ID:%t%t%6%n%nAlert Information:%n%tComputer:%t%t%2%n%tEvent ID:%t%t%1%n%tNumber of Events:%t%7%n%tDuration:%t%t%8%n%nThis event is generated when Windows is configured to generate alerts in accordance with the Common Criteria Security Audit Analysis requirements (FAU_SAA) and an auditable event pattern occurs. |
| 0x120D | 管理员已从 CrashOnAuditFail 恢复系统。允许非管理员用户登录。可能未记录某些可审核活动。%n%nCrashOnAuditFail 的值:%t%1%n%n在 CrashOnAuditFail 后的系统重新启动之后记录此事件。 |
Administrator recovered system from CrashOnAuditFail. Users who are not administrators will now be allowed to log on. Some auditable activity might not have been recorded.%n%nValue of CrashOnAuditFail:%t%1%n%nThis event is logged after a system reboots following CrashOnAuditFail. |
| 0x120E | 本地安全机制机构已加载安全数据包。%n%n安全数据包名:%t%1 |
A security package has been loaded by the Local Security Authority.%n%nSecurity Package Name:%t%1 |
| 0x1210 | 已成功登录帐户。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n登录信息:%n%t登录类型:%t%t%9%n%t受限制的管理员模式:%t%22%n%t虚拟帐户:%t%t%25%n%t提升的令牌:%t%t%27%n%n模拟级别:%t%t%21%n%n新登录:%n%t安全 ID:%t%t%5%n%t帐户名称:%t%t%6%n%t帐户域:%t%t%7%n%t登录 ID:%t%t%8%n%t链接的登录 ID:%t%t%26%n%t网络帐户名称:%t%23%n%t网络帐户域:%t%24%n%t登录 GUID:%t%t%13%n%n进程信息:%n%t进程 ID:%t%t%17%n%t进程名称:%t%t%18%n%n网络信息:%n%t工作站名称:%t%12%n%t源网络地址:%t%19%n%t源端口:%t%t%20%n%n详细的身份验证信息:%n%t登录进程:%t%t%10%n%t身份验证数据包:%t%11%n%t传递的服务:%t%14%n%t数据包名(仅限 NTLM):%t%15%n%t密钥长度:%t%t%16%n%n创建登录会话时,将在被访问的计算机上生成此事件。%n%n“使用者”字段指示本地系统上请求登录的帐户。这通常是一个服务(例如 Server 服务)或本地进程(例如 Winlogon.exe 或 Services.exe)。%n%n“登录类型”字段指示发生的登录类型。最常见的类型是 2 (交互式)和 3 (网络)。%n%n“新登录”字段指示新登录是为哪个帐户创建的,即已登录的帐户。%n%n“网络”字段指示远程登录请求源自哪里。“工作站名称”并非始终可用,并且在某些情况下可能会留空。%n%n“模拟级别”字段指示登录会话中的进程可以模拟到的程度。%n%n“身份验证信息”字段提供有关此特定登录请求的详细信息。%n%t- “登录 GUID”是可用于将此事件与 KDC 事件关联起来的唯一标识符。%n%t-“传递的服务”指示哪些中间服务参与了此登录请求。%n%t-“数据包名”指示在 NTLM 协议中使用了哪些子协议。%n%t-“密钥长度”指示生成的会话密钥的长度。如果没有请求会话密钥,则此字段将为 0。 |
An account was successfully logged on.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nLogon Information:%n%tLogon Type:%t%t%9%n%tRestricted Admin Mode:%t%22%n%tVirtual Account:%t%t%25%n%tElevated Token:%t%t%27%n%nImpersonation Level:%t%t%21%n%nNew Logon:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%6%n%tAccount Domain:%t%t%7%n%tLogon ID:%t%t%8%n%tLinked Logon ID:%t%t%26%n%tNetwork Account Name:%t%23%n%tNetwork Account Domain:%t%24%n%tLogon GUID:%t%t%13%n%nProcess Information:%n%tProcess ID:%t%t%17%n%tProcess Name:%t%t%18%n%nNetwork Information:%n%tWorkstation Name:%t%12%n%tSource Network Address:%t%19%n%tSource Port:%t%t%20%n%nDetailed Authentication Information:%n%tLogon Process:%t%t%10%n%tAuthentication Package:%t%11%n%tTransited Services:%t%14%n%tPackage Name (NTLM only):%t%15%n%tKey Length:%t%t%16%n%nThis event is generated when a logon session is created. It is generated on the computer that was accessed.%n%nThe subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.%n%nThe logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).%n%nThe New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.%n%nThe network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.%n%nThe impersonation level field indicates the extent to which a process in the logon session can impersonate.%n%nThe authentication information fields provide detailed information about this specific logon request.%n%t- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.%n%t- Transited services indicate which intermediate services have participated in this logon request.%n%t- Package name indicates which sub-protocol was used among the NTLM protocols.%n%t- Key length indicates the length of the generated session key. This will be 0 if no session key was requested. |
| 0x1211 | 帐户登录失败。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n登录类型:%t%t%t%11%n%n登录失败的帐户:%n%t安全 ID:%t%t%5%n%t帐户名:%t%t%6%n%t帐户域:%t%t%7%n%n失败信息:%n%t失败原因:%t%t%9%n%t状态:%t%t%t%8%n%t子状态:%t%t%10%n%n进程信息:%n%t调用方进程 ID:%t%18%n%t调用方进程名:%t%19%n%n网络信息:%n%t工作站名:%t%14%n%t源网络地址:%t%20%n%t源端口:%t%t%21%n%n详细身份验证信息:%n%t登录进程:%t%t%12%n%t身份验证数据包:%t%13%n%t传递服务:%t%15%n%t数据包名(仅限 NTLM):%t%16%n%t密钥长度:%t%t%17%n%n登录请求失败时在尝试访问的计算机上生成此事件。%n%n“使用者”字段指明本地系统上请求登录的帐户。这通常是一个服务(例如 Server 服务)或本地进程(例如 Winlogon.exe 或 Services.exe)。%n%n“登录类型”字段指明发生的登录的种类。最常见的类型是 2 (交互式)和 3 (网络)。%n%n“进程信息”字段表明系统上的哪个帐户和进程请求了登录。%n%n“网络信息”字段指明远程登录请求来自哪里。“工作站名”并非总是可用,而且在某些情况下可能会留为空白。%n%n“身份验证信息”字段提供关于此特定登录请求的详细信息。%n%t-“传递服务”指明哪些直接服务参与了此登录请求。%n%t-“数据包名”指明在 NTLM 协议之间使用了哪些子协议。%n%t-“密钥长度”指明生成的会话密钥的长度。如果没有请求会话密钥,则此字段为 0。 |
An account failed to log on.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nLogon Type:%t%t%t%11%n%nAccount For Which Logon Failed:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%6%n%tAccount Domain:%t%t%7%n%nFailure Information:%n%tFailure Reason:%t%t%9%n%tStatus:%t%t%t%8%n%tSub Status:%t%t%10%n%nProcess Information:%n%tCaller Process ID:%t%18%n%tCaller Process Name:%t%19%n%nNetwork Information:%n%tWorkstation Name:%t%14%n%tSource Network Address:%t%20%n%tSource Port:%t%t%21%n%nDetailed Authentication Information:%n%tLogon Process:%t%t%12%n%tAuthentication Package:%t%13%n%tTransited Services:%t%15%n%tPackage Name (NTLM only):%t%16%n%tKey Length:%t%t%17%n%nThis event is generated when a logon request fails. It is generated on the computer where access was attempted.%n%nThe Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.%n%nThe Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).%n%nThe Process Information fields indicate which account and process on the system requested the logon.%n%nThe Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.%n%nThe authentication information fields provide detailed information about this specific logon request.%n%t- Transited services indicate which intermediate services have participated in this logon request.%n%t- Package name indicates which sub-protocol was used among the NTLM protocols.%n%t- Key length indicates the length of the generated session key. This will be 0 if no session key was requested. |
| 0x1212 | 用户/设备声明信息。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n登录类型:%t%t%t%9%n%n新登录:%n%t安全 ID:%t%t%5%n%t帐户名:%t%t%6%n%t帐户域:%t%t%7%n%t登录 ID:%t%t%8%n%n事件顺序:%t%t%10 / %11%n%n用户声明:%t%t%t%12%n%n设备声明:%t%t%t%13%n%n“使用者”字段指明本地系统上请求登录的帐户。这通常是一个服务(例如 Server 服务)或本地进程(例如 Winlogon.exe 或 Services.exe)。%n%n“登录类型”字段指明发生的登录种类。最常见的类型是 2 (交互式)和 3 (网络)。%n%n“新登录”字段指明新登录是为哪个帐户创建的,即登录的帐户。%n%n此事件是在配置审核用户/设备声明子类别并且用户的登录令牌包含用户/设备声明信息时生成的。可以使用“登录 ID”字段,将此事件与相应的用户登录事件以及在此登录会话期间生成的任何其他安全审核事件相关联。 |
User / Device claims information.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nLogon Type:%t%t%t%9%n%nNew Logon:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%6%n%tAccount Domain:%t%t%7%n%tLogon ID:%t%t%8%n%nEvent in sequence:%t%t%10 of %11%n%nUser Claims:%t%t%t%12%n%nDevice Claims:%t%t%t%13%n%nThe subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.%n%nThe logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).%n%nThe New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.%n%nThis event is generated when the Audit User/Device claims subcategory is configured and the user’s logon token contains user/device claims information. The Logon ID field can be used to correlate this event with the corresponding user logon event as well as to any other security audit events generated during this logon session. |
| 0x1213 | 组成员身份信息。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n登录类型:%t%t%t%9%n%n新登录:%n%t安全 ID:%t%t%5%n%t帐户名称:%t%t%6%n%t帐户域:%t%t%7%n%t登录 ID:%t%t%8%n%n事件顺序:%t%t%10/%11%n%n组成员身份:%t%t%t%12%n%n“使用者”字段指示本地系统上请求登录的帐户。这通常是一个服务(例如 Server 服务)或本地进程(例如 Winlogon.exe 或 Services.exe)。%n%n“登录类型”字段指示发生的登录类型。最常见的类型是 2 (交互式)和 3 (网络)。%n%n“新登录”字段指示新登录是为哪个帐户创建的,即已登录的帐户。%n%n配置审计组成员身份子类别时,将生成此事件。可以使用“登录 ID”字段,将此事件与相应的用户登录事件以及在此登录会话期间生成的任何其他安全审核事件相关联。 |
Group membership information.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nLogon Type:%t%t%t%9%n%nNew Logon:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%6%n%tAccount Domain:%t%t%7%n%tLogon ID:%t%t%8%n%nEvent in sequence:%t%t%10 of %11%n%nGroup Membership:%t%t%t%12%n%nThe subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.%n%nThe logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).%n%nThe New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.%n%nThis event is generated when the Audit Group Membership subcategory is configured. The Logon ID field can be used to correlate this event with the corresponding user logon event as well as to any other security audit events generated during this logon session. |
| 0x121A | 已注销帐户。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n登录类型:%t%t%t%5%n%n在登录会话被破坏时生成此事件。可以使用登录 ID 值将它和一个登录事件准确关联起来。在同一台计算机上重新启动的区间中,登录 ID 是唯一的。 |
An account was logged off.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nLogon Type:%t%t%t%5%n%nThis event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer. |
| 0x1226 | %1%n |
%1%n |
| 0x1227 | 用户启动的注销:%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n启动注销时,将生成此事件。以后不会再发生用户启动的活动。此事件可以解释为注销事件。 |
User initiated logoff:%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nThis event is generated when a logoff is initiated. No further user-initiated activity can occur. This event can be interpreted as a logoff event. |
| 0x1228 | 试图使用显式凭据登录。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%t登录 GUID:%t%t%5%n%n使用了哪个帐户的凭据:%n%t帐户名:%t%t%6%n%t帐户域:%t%t%7%n%t登录 GUID:%t%t%8%n%n目标服务器:%n%t目标服务器名:%t%9%n%t附加信息:%t%10%n%n进程信息:%n%t进程 ID:%t%t%11%n%t进程名:%t%t%12%n%n网络信息:%n%t网络地址:%t%13%n%t端口:%t%t%t%14%n%n在进程尝试通过显式指定帐户的凭据来登录该帐户时生成此事件。这通常发生在批量类型的配置中(例如计划任务) 或者使用 RUNAS 命令时。 |
A logon was attempted using explicit credentials.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%tLogon GUID:%t%t%5%n%nAccount Whose Credentials Were Used:%n%tAccount Name:%t%t%6%n%tAccount Domain:%t%t%7%n%tLogon GUID:%t%t%8%n%nTarget Server:%n%tTarget Server Name:%t%9%n%tAdditional Information:%t%10%n%nProcess Information:%n%tProcess ID:%t%t%11%n%tProcess Name:%t%t%12%n%nNetwork Information:%n%tNetwork Address:%t%13%n%tPort:%t%t%t%14%n%nThis event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command. |
| 0x1229 | 检测到重播攻击。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n被重播的凭据:%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%n进程信息:%n%t进程 ID:%t%t%12%n%t进程名:%t%t%13%n%n网络信息:%n%t工作站名:%t%10%n%n详细身份验证信息:%n%t请求类型:%t%t%7%n%t登录进程:%t%t%8%n%t身份验证数据包:%t%9%n%t传递服务:%t%11%n%n此事件表示检测到 Kerberos 重播攻击,同一条请求收到两次且信息相同。这可能是由网络配置错误导致的。 |
A replay attack was detected.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nCredentials Which Were Replayed:%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%nProcess Information:%n%tProcess ID:%t%t%12%n%tProcess Name:%t%t%13%n%nNetwork Information:%n%tWorkstation Name:%t%10%n%nDetailed Authentication Information:%n%tRequest Type:%t%t%7%n%tLogon Process:%t%t%8%n%tAuthentication Package:%t%9%n%tTransited Services:%t%11%n%nThis event indicates that a Kerberos replay attack was detected- a request was received twice with identical information. This condition could be caused by network misconfiguration. |
| 0x122A | 已建立 IPsec 主模式安全关联。未启用扩展模式。未使用证书身份验证。%n%n本地终结点:%n%t主体名称:%t%1%n%t网络地址:%t%3%n%t键控模块端口:%t%4%n%n远程终结点:%n%t主体名称:%t%2%n%t网络地址:%t%5%n%t键控模块端口:%t%6%n%n安全关联信息:%n%t生存时间(分钟):%t%12%n%t快速模式限制:%t%13%n%t主模式 SA ID:%t%17%n%n加密信息:%n%t密码算法:%t%9%n%t完整性算法:%t%10%n%tDiffie-Hellman 组:%t%11%n%n附加信息:%n%t键控模块名称:%t%7%n%t身份验证方法:%t%8%n%tRole:%t%14%n%t模拟状态:%t%15%n%t主模式筛选器 ID:%t%16 |
An IPsec main mode security association was established. Extended mode was not enabled. Certificate authentication was not used.%n%nLocal Endpoint:%n%tPrincipal Name:%t%1%n%tNetwork Address:%t%3%n%tKeying Module Port:%t%4%n%nRemote Endpoint:%n%tPrincipal Name:%t%2%n%tNetwork Address:%t%5%n%tKeying Module Port:%t%6%n%nSecurity Association Information:%n%tLifetime (minutes):%t%12%n%tQuick Mode Limit:%t%13%n%tMain Mode SA ID:%t%17%n%nCryptographic Information:%n%tCipher Algorithm:%t%9%n%tIntegrity Algorithm:%t%10%n%tDiffie-Hellman Group:%t%11%n%nAdditional Information:%n%tKeying Module Name:%t%7%n%tAuthentication Method:%t%8%n%tRole:%t%14%n%tImpersonation State:%t%15%n%tMain Mode Filter ID:%t%16 |
| 0x122B | 已建立 IPsec 主模式安全关联。未启用扩展模式。已使用证书进行身份验证。%n%n本地终结点:%n%t主体名称:%t%1%n%t网络地址:%t%9%n%t键控模块端口:%t%10%n%n本地证书:%n%tSHA 指纹:%t%2%n%t发证 CA:%t%t%3%n%t根 CA:%t%t%4%n%n远程终结点:%n%t主体名称:%t%5%n%t网络地址:%t%11%n%t键控模块端口:%t%12%n%n远程证书:%n%tSHA 指纹:%t%6%n%t发证 CA:%t%t%7%n%t根 CA:%t%t%8%n%n加密信息:%n%t密码算法:%t%15%n%t完整性算法:%t%16%n%tDiffie-Hellman 组:%t%17%n%n安全关联信息:%n%t生存时间(分钟):%t%18%n%t快速模式限制:%t%19%n%t主模式 SA ID:%t%23%n%n附加信息:%n%t键控模块名称:%t%13%n%t身份验证方法:%t%14%n%t角色:%t%20%n%t模拟状态:%t%21%n%t主模式筛选器 ID:%t%22 |
An IPsec main mode security association was established. Extended mode was not enabled. A certificate was used for authentication.%n%nLocal Endpoint:%n%tPrincipal Name:%t%1%n%tNetwork Address:%t%9%n%tKeying Module Port:%t%10%n%nLocal Certificate:%n%tSHA Thumbprint:%t%2%n%tIssuing CA:%t%t%3%n%tRoot CA:%t%t%4%n%nRemote Endpoint:%n%tPrincipal Name:%t%5%n%tNetwork Address:%t%11%n%tKeying Module Port:%t%12%n%nRemote Certificate:%n%tSHA thumbprint: %t%6%n%tIssuing CA:%t%t%7%n%tRoot CA:%t%t%8%n%nCryptographic Information:%n%tCipher Algorithm:%t%15%n%tIntegrity Algorithm:%t%16%n%tDiffie-Hellman Group:%t%17%n%nSecurity Association Information:%n%tLifetime (minutes):%t%18%n%tQuick Mode Limit:%t%19%n%tMain Mode SA ID:%t%23%n%nAdditional Information:%n%tKeying Module Name:%t%13%n%tAuthentication Method:%t%14%n%tRole:%t%20%n%tImpersonation State:%t%21%n%tMain Mode Filter ID:%t%22 |
| 0x122C | IPsec 主模式协商失败。%n%n%n本地终结点:%n%t主体名称:%t%t%1%n%t网络地址:%t%9%n%t键控模块端口:%t%10%n%n本地证书:%n%tSHA 指纹:%t%2%n%t发证 CA:%t%t%3%n%t根 CA:%t%t%4%n%n远程终结点:%n%t主体名称:%t%t%5%n%t网络地址:%t%11%n%t键控模块端口:%t%12%n%n远程证书:%n%tSHA 指纹:%t%t%6%n%t发证 CA:%t%t%7%n%t根 CA:%t%t%8%n%n附加信息:%n%t键控模块名称:%t%13%n%t身份验证方法:%t%16%n%t角色:%t%t%18%n%t模拟状态:%t%19%n%t主模式筛选器 ID:%t%20%n%n失败信息:%n%t失败点:%t%t%t%14%n%t失败原因:%t%t%15%n%t状态:%t%t%t%17%n%t发起程序 Cookie:%t%21%n%t响应程序 Cookie:%t%22 |
An IPsec main mode negotiation failed.%n%n%nLocal Endpoint:%n%tPrincipal Name:%t%t%1%n%tNetwork Address:%t%9%n%tKeying Module Port:%t%10%n%nLocal Certificate:%n%tSHA Thumbprint:%t%2%n%tIssuing CA:%t%t%3%n%tRoot CA:%t%t%4%n%nRemote Endpoint:%n%tPrincipal Name:%t%t%5%n%tNetwork Address:%t%11%n%tKeying Module Port:%t%12%n%nRemote Certificate:%n%tSHA thumbprint:%t%t%6%n%tIssuing CA:%t%t%7%n%tRoot CA:%t%t%8%n%nAdditional Information:%n%tKeying Module Name:%t%13%n%tAuthentication Method:%t%16%n%tRole:%t%t%t%18%n%tImpersonation State:%t%19%n%tMain Mode Filter ID:%t%20%n%nFailure Information:%n%tFailure Point:%t%t%14%n%tFailure Reason:%t%t%15%n%tState:%t%t%t%17%n%tInitiator Cookie:%t%t%21%n%tResponder Cookie:%t%22 |
| 0x122D | IPsec 主模式协商失败。%n%n本地终结点:%n%t本地主体名称:%t%t%1%n%t网络地址:%t%t%3%n%t键控模块端口:%t%t%4%n%n远程终结点:%n%t主体名称:%t%t%2%n%t网络地址:%t%t%5%n%t键控模块端口:%t%t%6%n%n附加信息:%n%t键控模块名称:%t%t%7%n%t身份验证方法:%t%t%10%n%t角色:%t%t%t%12%n%t模拟状态:%t%t%13%n%t主模式筛选器 ID:%t%14%n%n失败信息:%n%t失败点:%t%t%t%8%n%t失败原因:%t%t%9%n%t状态:%t%t%t%11%n%t发起程序 Cookie:%t%15%n%t响应程序 Cookie:%t%16 |
An IPsec main mode negotiation failed.%n%nLocal Endpoint:%n%tLocal Principal Name:%t%1%n%tNetwork Address:%t%3%n%tKeying Module Port:%t%4%n%nRemote Endpoint:%n%tPrincipal Name:%t%t%2%n%tNetwork Address:%t%5%n%tKeying Module Port:%t%6%n%nAdditional Information:%n%tKeying Module Name:%t%7%n%tAuthentication Method:%t%10%n%tRole:%t%t%t%12%n%tImpersonation State:%t%13%n%tMain Mode Filter ID:%t%14%n%nFailure Information:%n%tFailure Point:%t%t%8%n%tFailure Reason:%t%t%9%n%tState:%t%t%t%11%n%tInitiator Cookie:%t%t%15%n%tResponder Cookie:%t%16 |
| 0x122E | IPSec 快速模式协商失败。%n%n本地终结点:%n%t网络地址:%t%1%n%t网络地址掩码:%t%2%n%t端口:%t%t%t%3%n%t隧道终结点:%t%t%4%n%n远程终结点:%n%t网络地址:%t%5%n%t地址掩码:%t%t%6%n%t端口:%t%t%t%7%n%t隧道终结点:%t%t%8%n%t专用地址:%t%t%10%n%n其他信息:%n%t协议:%t%t%9%n%t密钥模块名称:%t%11%n%t虚拟接口隧道 ID:%t%20%n%t流量选择器 ID:%t%21%n%t模式:%t%t%t%14%n%t角色:%t%t%t%16%n%t快速模式筛选器 ID:%t%18%n%t主模式 SA ID:%t%19%n%n失败信息:%n%t状态:%t%t%t%15%n%t消息 ID:%t%t%17%n%t失败点:%t%t%12%n%t失败原因:%t%t%13 |
An IPsec quick mode negotiation failed.%n%nLocal Endpoint:%n%tNetwork Address:%t%1%n%tNetwork Address mask:%t%2%n%tPort:%t%t%t%3%n%tTunnel Endpoint:%t%t%4%n%nRemote Endpoint:%n%tNetwork Address:%t%5%n%tAddress Mask:%t%t%6%n%tPort:%t%t%t%7%n%tTunnel Endpoint:%t%t%8%n%tPrivate Address:%t%t%10%n%nAdditional Information:%n%tProtocol:%t%t%9%n%tKeying Module Name:%t%11%n%tVirtual Interface Tunnel ID:%t%20%n%tTraffic Selector ID:%t%21%n%tMode:%t%t%t%14%n%tRole:%t%t%t%16%n%tQuick Mode Filter ID:%t%18%n%tMain Mode SA ID:%t%19%n%nFailure Information:%n%tState:%t%t%t%15%n%tMessage ID:%t%t%17%n%tFailure Point:%t%t%12%n%tFailure Reason:%t%t%13 |
| 0x122F | IPSec 主模式安全关联结束。%n%n本地网络地址:%t%t%1%n远程网络地址:%t%2%n键控模块名称:%t%t%3%n主模式 SA ID:%t%t%4 |
An IPsec main mode security association ended.%n%nLocal Network Address:%t%t%1%nRemote Network Address:%t%2%nKeying Module Name:%t%t%3%nMain Mode SA ID:%t%t%4 |
| 0x1230 | 已请求到对象的句柄。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%t%5%n%t对象类型:%t%t%6%n%t对象名:%t%t%7%n%t句柄 ID:%t%t%8%n%t资源属性:%t%17%n%n进程信息:%n%t进程 ID:%t%t%15%n%t进程名:%t%t%16%n%n访问请求信息:%n%t事务 ID:%t%t%9%n%t访问:%t%t%10%n%t访问原因:%t%t%11%n%t访问掩码:%t%t%12%n%t用于访问检查的特权:%t%13%n%t受限 SID 计数:%t%14 |
A handle to an object was requested.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%t%5%n%tObject Type:%t%t%6%n%tObject Name:%t%t%7%n%tHandle ID:%t%t%8%n%tResource Attributes:%t%17%n%nProcess Information:%n%tProcess ID:%t%t%15%n%tProcess Name:%t%t%16%n%nAccess Request Information:%n%tTransaction ID:%t%t%9%n%tAccesses:%t%t%10%n%tAccess Reasons:%t%t%11%n%tAccess Mask:%t%t%12%n%tPrivileges Used for Access Check:%t%13%n%tRestricted SID Count:%t%14 |
| 0x1231 | 已修改注册表值。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象名称:%t%t%5%n%t对象值名称:%t%6%n%t句柄 ID:%t%t%7%n%t操作类型:%t%t%8%n%n进程信息:%n%t进程 ID:%t%t%13%n%t进程名:%t%t%14%n%n更改信息:%n%t旧值类型:%t%t%9%n%t旧值:%t%t%10%n%t新值类型:%t%t%11%n%t新值:%t%t%12 |
A registry value was modified.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Name:%t%t%5%n%tObject Value Name:%t%6%n%tHandle ID:%t%t%7%n%tOperation Type:%t%t%8%n%nProcess Information:%n%tProcess ID:%t%t%13%n%tProcess Name:%t%t%14%n%nChange Information:%n%tOld Value Type:%t%t%9%n%tOld Value:%t%t%10%n%tNew Value Type:%t%t%11%n%tNew Value:%t%t%12 |
| 0x1232 | 已关闭到对象的句柄。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%t%5%n%t句柄 ID:%t%t%6%n%n进程信息:%n%t进程 ID:%t%t%7%n%t进程名:%t%t%8 |
The handle to an object was closed.%n%nSubject :%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%t%5%n%tHandle ID:%t%t%6%n%nProcess Information:%n%tProcess ID:%t%t%7%n%tProcess Name:%t%t%8 |
| 0x1233 | 已请求到对象的句柄,目的是进行删除。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%5%n%t对象类型:%t%6%n%t对象名:%t%7%n%t句柄 ID:%t%8%n%n进程信息:%n%t进程 ID:%t%13%n%n访问请求信息:%n%t事务 ID:%t%9%n%t访问:%t%10%n%t访问掩码:%t%11%n%t用于访问检查的特权:%t%12 |
A handle to an object was requested with intent to delete.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%5%n%tObject Type:%t%6%n%tObject Name:%t%7%n%tHandle ID:%t%8%n%nProcess Information:%n%tProcess ID:%t%13%n%nAccess Request Information:%n%tTransaction ID:%t%9%n%tAccesses:%t%10%n%tAccess Mask:%t%11%n%tPrivileges Used for Access Check:%t%12 |
| 0x1234 | 已删除对象。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%5%n%t句柄 ID:%t%6%n%n进程信息:%n%t进程 ID:%t%7%n%t进程名:%t%8%n%t事务 ID:%t%9 |
An object was deleted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%5%n%tHandle ID:%t%6%n%nProcess Information:%n%tProcess ID:%t%7%n%tProcess Name:%t%8%n%tTransaction ID:%t%9 |
| 0x1235 | 请求某个对象的句柄。%n%n主题:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%5%n%t对象类型:%t%6%n%t对象名称:%t%7%n%t句柄 ID:%t%8%n%n进程信息:%n%t进程 ID:%t%16%n%t进程名称:%t%17%n%n访问请求信息:%n%t事务 ID:%t%9%n%t访问次数:%t%10%n%t访问原因:%t%t%11%n%t访问掩码:%t%12%n%t用于访问检查的权限:%t%13%n%t属性:%t%14%n%t受限 SID 计数:%t%15 |
A handle to an object was requested.%n%nSubject :%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%5%n%tObject Type:%t%6%n%tObject Name:%t%7%n%tHandle ID:%t%8%n%nProcess Information:%n%tProcess ID:%t%16%n%tProcess Name:%t%17%n%nAccess Request Information:%n%tTransaction ID:%t%9%n%tAccesses:%t%10%n%tAccess Reasons:%t%t%11%n%tAccess Mask:%t%12%n%tPrivileges Used for Access Check:%t%13%n%tProperties:%t%14%n%tRestricted SID Count:%t%15 |
| 0x1236 | 在对象上已执行操作。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%t%5%n%t对象类型:%t%t%6%n%t对象名:%t%t%7%n%t句柄 ID:%t%t%9%n%n操作:%n%t操作类型:%t%t%8%n%t访问:%t%t%10%n%t访问掩码:%t%t%11%n%t属性:%t%t%12%n%n附加信息:%n%t参数 1:%t%t%13%n%t参数 2:%t%t%14 |
An operation was performed on an object.%n%nSubject :%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%t%5%n%tObject Type:%t%t%6%n%tObject Name:%t%t%7%n%tHandle ID:%t%t%9%n%nOperation:%n%tOperation Type:%t%t%8%n%tAccesses:%t%t%10%n%tAccess Mask:%t%t%11%n%tProperties:%t%t%12%n%nAdditional Information:%n%tParameter 1:%t%t%13%n%tParameter 2:%t%t%14 |
| 0x1237 | 试图访问对象。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%t%5%n%t对象类型:%t%t%6%n%t对象名:%t%t%7%n%t句柄 ID:%t%t%8%n%t资源属性:%t%13%n%n进程信息:%n%t进程 ID:%t%t%11%n%t进程名:%t%t%12%n%n访问请求信息:%n%t访问:%t%t%9%n%t访问掩码:%t%t%10 |
An attempt was made to access an object.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%t%5%n%tObject Type:%t%t%6%n%tObject Name:%t%t%7%n%tHandle ID:%t%t%8%n%tResource Attributes:%t%13%n%nProcess Information:%n%tProcess ID:%t%t%11%n%tProcess Name:%t%t%12%n%nAccess Request Information:%n%tAccesses:%t%t%9%n%tAccess Mask:%t%t%10 |
| 0x1238 | 试图创建硬链接。%n%n使用者:%n%t帐户名:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n链接信息:%n%t文件名:%t%5%n%t链接名:%t%6%n%t事务 ID:%t%7 |
An attempt was made to create a hard link.%n%nSubject:%n%tAccount Name:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nLink Information:%n%tFile Name:%t%5%n%tLink Name:%t%6%n%tTransaction ID:%t%7 |
| 0x1239 | 试图创建应用程序客户端环境。%n%n使用者:%n%t客户端名:%t%t%3%n%t客户端域:%t%t%4%n%t客户端环境 ID:%t%5%n%n应用程序信息:%n%t应用程序名:%t%1%n%t应用程序实例 ID:%t%2%n%n状态:%t%6 |
An attempt was made to create an application client context.%n%nSubject:%n%tClient Name:%t%t%3%n%tClient Domain:%t%t%4%n%tClient Context ID:%t%5%n%nApplication Information:%n%tApplication Name:%t%1%n%tApplication Instance ID:%t%2%n%nStatus:%t%6 |
| 0x123A | 应用程序试图执行某操作:%n%n使用者:%n%t客户端名:%t%t%5%n%t客户端域:%t%t%6%n%t客户端环境 ID:%t%7%n%n对象:%n%t对象名:%t%t%3%n%t作用域名:%t%t%4%n%n应用程序信息:%n%t应用程序名:%t%1%n%t应用程序实例 ID:%t%2%n%n访问请求信息:%n%t角色:%t%t%t%8%n%t组:%t%t%t%9%n%t操作名:%t%10 (%11) |
An application attempted an operation:%n%nSubject:%n%tClient Name:%t%t%5%n%tClient Domain:%t%t%6%n%tClient Context ID:%t%7%n%nObject:%n%tObject Name:%t%t%3%n%tScope Names:%t%t%4%n%nApplication Information:%n%tApplication Name:%t%1%n%tApplication Instance ID:%t%2%n%nAccess Request Information:%n%tRole:%t%t%t%8%n%tGroups:%t%t%t%9%n%tOperation Name:%t%10 (%11) |
| 0x123B | 已删除应用程序客户端环境。%n%n使用者:%n%t客户端名:%t%t%3%n%t客户端域:%t%t%4%n%t客户端环境 ID:%t%5%n%n应用程序信息:%n%t应用程序名:%t%1%n%t应用程序实例 ID:%t%2 |
An application client context was deleted.%n%nSubject:%n%tClient Name:%t%t%3%n%tClient Domain:%t%t%4%n%tClient Context ID:%t%5%n%nApplication Information:%n%tApplication Name:%t%1%n%tApplication Instance ID:%t%2 |
| 0x123C | 已初始化应用程序。%n%n使用者:%n%t客户端名:%t%3%n%t客户端域:%t%4%n%t客户端 ID:%t%5%n%n应用程序信息:%n%t应用程序名:%t%1%n%t应用程序实例 ID:%t%2%n%n附加信息:%n%t策略存储 URL:%t%6 |
An application was initialized.%n%nSubject:%n%tClient Name:%t%3%n%tClient Domain:%t%4%n%tClient ID:%t%5%n%nApplication Information:%n%tApplication Name:%t%1%n%tApplication Instance ID:%t%2%n%nAdditional Information:%n%tPolicy Store URL:%t%6 |
| 0x123E | 已更改对象权限。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%5%n%t对象类型:%t%6%n%t对象名:%t%7%n%t句柄 ID:%t%8%n%n进程:%n%t进程 ID:%t%11%n%t进程名:%t%12%n%n权限更改:%n%t原始安全描述符:%t%9%n%t新安全描述符:%t%10 |
Permissions on an object were changed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%5%n%tObject Type:%t%6%n%tObject Name:%t%7%n%tHandle ID:%t%8%n%nProcess:%n%tProcess ID:%t%11%n%tProcess Name:%t%12%n%nPermissions Change:%n%tOriginal Security Descriptor:%t%9%n%tNew Security Descriptor:%t%10 |
| 0x123F | 应用程序试图通过 TBS 访问被阻止的序号。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n序号:%t%5 |
An application attempted to access a blocked ordinal through the TBS.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nOrdinal:%t%5 |
| 0x1240 | 为新登录分配了特殊权限。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n特权:%t%t%5 |
Special privileges assigned to new logon.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nPrivileges:%t%t%5 |
| 0x1241 | 已调用特权服务。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n服务:%n%t服务器:%t%5%n%t服务名:%t%6%n%n进程:%n%t进程 ID:%t%8%n%t进程名:%t%9%n%n服务请求信息:%n%t特权:%t%t%7 |
A privileged service was called.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nService:%n%tServer:%t%5%n%tService Name:%t%6%n%nProcess:%n%tProcess ID:%t%8%n%tProcess Name:%t%9%n%nService Request Information:%n%tPrivileges:%t%t%7 |
| 0x1242 | 试图对特权对象进行操作。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%5%n%t对象类型:%t%6%n%t对象名:%t%7%n%t对象句柄:%t%8%n%n进程信息:%n%t进程 ID:%t%11%n%t进程名:%t%12%n%n请求的操作:%n%t所需访问权限:%t%9%n%t特权:%t%t%10 |
An operation was attempted on a privileged object.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%5%n%tObject Type:%t%6%n%tObject Name:%t%7%n%tObject Handle:%t%8%n%nProcess Information:%n%tProcess ID:%t%11%n%tProcess Name:%t%12%n%nRequested Operation:%n%tDesired Access:%t%9%n%tPrivileges:%t%t%10 |
| 0x1243 | 已筛选 SID。%n%n目标帐户:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%n信任信息:%n%t信任方向:%t%4%n%t信任属性:%t%5%n%t信任类型:%t%6%n%tTDO 域 SID:%t%7%n%n已筛选的 SID:%t%8 |
SIDs were filtered.%n%nTarget Account:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%nTrust Information:%n%tTrust Direction:%t%4%n%tTrust Attributes:%t%5%n%tTrust Type:%t%6%n%tTDO Domain SID:%t%7%n%nFiltered SIDs:%t%8 |
| 0x1250 | 已创建新进程。%n%n创建者主题:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n目标主题:%n%t安全 ID:%t%t%10%n%t帐户名:%t%t%11%n%t帐户域:%t%t%12%n%t登录 ID:%t%t%13%n%n进程信息:%n%t新进程 ID:%t%t%5%n%t新进程名称:%t%6!S!%n%t令牌提升类型:%t%7%n%t强制性标签:%t%t%15%n%t创建者进程 ID:%t%8%n%t创建者进程名称:%t%14!S!%n%t进程命令行:%t%9!S!%n%n“令牌提升类型”表示根据用户帐户控制策略分配给新进程的令牌类型。%n%n类型 1 是未删除特权或未禁用组的完全令牌。完全令牌仅在禁用了用户帐户控制或者用户是内置管理员帐户或服务帐户的情况下使用。%n%n类型 2 是未删除特权或未禁用组的提升令牌。当启用了用户帐户控制并且用户选择使用“以管理员身份运行”选项启动程序时,会使用提升令牌。当应用程序配置为始终需要管理特权或始终需要最高特权并且用户是管理员组的成员时,也会使用提升令牌。%n%n类型 3 是删除了管理特权并禁用了管理组的受限令牌。当启用了用户帐户控制,应用程序不需要管理特权并且用户未选择使用“以管理员身份运行”选项启动程序时,会使用受限令牌。 |
A new process has been created.%n%nCreator Subject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nTarget Subject:%n%tSecurity ID:%t%t%10%n%tAccount Name:%t%t%11%n%tAccount Domain:%t%t%12%n%tLogon ID:%t%t%13%n%nProcess Information:%n%tNew Process ID:%t%t%5%n%tNew Process Name:%t%6!S!%n%tToken Elevation Type:%t%7%n%tMandatory Label:%t%t%15%n%tCreator Process ID:%t%8%n%tCreator Process Name:%t%14!S!%n%tProcess Command Line:%t%9!S!%n%nToken Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.%n%nType 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.%n%nType 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.%n%nType 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator. |
| 0x1251 | 已退出进程。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n进程信息:%n%t进程 ID:%t%6%n%t进程名:%t%7%n%t退出状态:%t%5 |
A process has exited.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nProcess Information:%n%tProcess ID:%t%6%n%tProcess Name:%t%7%n%tExit Status:%t%5 |
| 0x1252 | 试图将句柄复制到对象。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n源句柄信息:%n%t源句柄 ID:%t%5%n%t源进程 ID:%t%6%n%n新句柄信息:%n%t目标句柄 ID:%t%7%n%t目标进程 ID:%t%8 |
An attempt was made to duplicate a handle to an object.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nSource Handle Information:%n%tSource Handle ID:%t%5%n%tSource Process ID:%t%6%n%nNew Handle Information:%n%tTarget Handle ID:%t%7%n%tTarget Process ID:%t%8 |
| 0x1253 | 已请求到对象的间接访问权限。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象类型:%t%5%n%t对象名:%t%6%n%n进程信息:%n%t进程 ID:%t%9%n%n访问请求信息:%n%t访问:%t%7%n%t访问掩码:%t%8 |
Indirect access to an object was requested.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Type:%t%5%n%tObject Name:%t%6%n%nProcess Information:%n%tProcess ID:%t%9%n%nAccess Request Information:%n%tAccesses:%t%7%n%tAccess Mask:%t%8 |
| 0x1254 | 试图备份数据保护主密钥。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n密钥信息:%n%t密钥标识符:%t%5%n%t恢复服务器:%t%6%n%t恢复密钥 ID:%t%7%n%n状态信息:%n%t状态代码:%t%8 |
Backup of data protection master key was attempted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nKey Information:%n%tKey Identifier:%t%5%n%tRecovery Server:%t%6%n%tRecovery Key ID:%t%7%n%nStatus Information:%n%tStatus Code:%t%8 |
| 0x1255 | 试图恢复数据保护主密钥。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n密钥信息:%n%t密钥标识符:%t%5%n%t恢复服务器:%t%6%n%t恢复密钥 ID:%t%8%n%t恢复原因:%t%7%n%n状态信息:%n%t状态代码:%t%9 |
Recovery of data protection master key was attempted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nKey Information:%n%tKey Identifier:%t%5%n%tRecovery Server:%t%6%n%tRecovery Key ID:%t%8%n%tRecovery Reason:%t%7%n%nStatus Information:%n%tStatus Code:%t%9 |
| 0x1256 | 试图保护可审核的受保护数据。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n受保护数据:%n%t数据描述:%t%6%n%t密钥标识符:%t%5%n%t受保护数据标志:%t%7%n%t保护算法:%t%8%n%n状态信息:%n%t状态代码:%t%9 |
Protection of auditable protected data was attempted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nProtected Data:%n%tData Description:%t%6%n%tKey Identifier:%t%5%n%tProtected Data Flags:%t%7%n%tProtection Algorithms:%t%8%n%nStatus Information:%n%tStatus Code:%t%9 |
| 0x1257 | 试图取消对可审核的受保护数据的保护。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n受保护数据:%n%t数据描述:%t%6%n%t数据标识符:%t%5%n%t受保护数据标志:%t%7%n%t保护算法:%t%8%n%n状态信息:%n%t状态代码:%t%9 |
Unprotection of auditable protected data was attempted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nProtected Data:%n%tData Description:%t%6%n%tKey Identifier:%t%5%n%tProtected Data Flags:%t%7%n%tProtection Algorithms:%t%8%n%nStatus Information:%n%tStatus Code:%t%9 |
| 0x1258 | 已为进程分配主令牌。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n进程信息:%n%t进程 ID:%t%11%n%t进程名:%t%12%n%n目标进程:%n%t目标进程 ID:%t%9%n%t目标进程名:%t%10%n%n新令牌信息:%n%t安全 ID:%t%t%5%n%t帐户名:%t%t%6%n%t帐户域:%t%t%7%n%t登录 ID:%t%t%8 |
A primary token was assigned to process.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nProcess Information:%n%tProcess ID:%t%11%n%tProcess Name:%t%12%n%nTarget Process:%n%tTarget Process ID:%t%9%n%tTarget Process Name:%t%10%n%nNew Token Information:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%6%n%tAccount Domain:%t%t%7%n%tLogon ID:%t%t%8 |
| 0x1259 | 系统中已安装某服务。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n服务信息:%n%t服务名:%t%t%5%n%t服务文件名:%t%6%n%t服务类型:%t%t%7%n%t服务启动类型:%t%8%n%t服务帐户:%t%t%9 |
A service was installed in the system.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nService Information:%n%tService Name: %t%t%5%n%tService File Name:%t%6%n%tService Type: %t%t%7%n%tService Start Type:%t%8%n%tService Account: %t%t%9 |
| 0x125A | 已创建计划任务。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n任务信息:%n%t任务名称: %t%t%5%n%t任务内容: %t%t%6%n%t |
A scheduled task was created.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nTask Information:%n%tTask Name: %t%t%5%n%tTask Content: %t%t%6%n%t |
| 0x125B | 计划任务已删除。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n任务信息:%n%t任务名称: %t%t%5%n%t任务内容: %t%t%6%n%t |
A scheduled task was deleted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nTask Information:%n%tTask Name: %t%t%5%n%tTask Content: %t%t%6%n%t |
| 0x125C | 计划任务已启用。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n任务信息:%n%t任务名称: %t%t%5%n%t任务内容: %t%t%6%n%t |
A scheduled task was enabled.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nTask Information:%n%tTask Name: %t%t%5%n%tTask Content: %t%t%6%n%t |
| 0x125D | 计划任务已禁用。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n任务信息:%n%t任务名称: %t%t%5%n%t任务内容: %t%t%6%n%t |
A scheduled task was disabled.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nTask Information:%n%tTask Name: %t%t%5%n%tTask Content: %t%t%6%n%t |
| 0x125E | 计划任务已更新。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n任务信息:%n%t任务名称: %t%t%5%n%t任务新内容: %t%t%6%n%t |
A scheduled task was updated.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nTask Information:%n%tTask Name: %t%t%5%n%tTask New Content: %t%t%6%n%t |
| 0x125F | 调整了令牌权限。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n目标帐户:%n%t安全 ID:%t%t%5%n%t帐户名称:%t%t%6%n%t帐户域:%t%t%7%n%t登录 ID:%t%t%8%n%n进程信息:%n%t进程 ID:%t%t%10%n%t进程名称:%t%t%9%n%n启用的特权:%n%t%t%t%11%n%n禁用的特权:%n%t%t%t%12 |
A token right was adjusted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nTarget Account:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%6%n%tAccount Domain:%t%t%7%n%tLogon ID:%t%t%8%n%nProcess Information:%n%tProcess ID:%t%t%10%n%tProcess Name:%t%t%9%n%nEnabled Privileges:%n%t%t%t%11%n%nDisabled Privileges:%n%t%t%t%12 |
| 0x1260 | 已分配用户权限。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n目标帐户:%n%t帐户名:%t%t%5%n%n新权限:%n%t用户权限:%t%t%6 |
A user right was assigned.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nTarget Account:%n%tAccount Name:%t%t%5%n%nNew Right:%n%tUser Right:%t%t%6 |
| 0x1261 | 已删除用户权限。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n目标帐户:%n%t帐户名:%t%t%5%n%n已删除权限:%n%t用户权限:%t%t%6 |
A user right was removed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nTarget Account:%n%tAccount Name:%t%t%5%n%nRemoved Right:%n%tUser Right:%t%t%6 |
| 0x1262 | 已为域创建新信任。%n%n使用者:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%4%n%t帐户域:%t%t%5%n%t登录 ID:%t%t%6%n%n受信任域:%n%t域名:%t%t%1%n%t域 ID:%t%t%2%n%n信任信息:%n%t信任类型:%t%t%7%n%t信任方向:%t%t%8%n%t信任属性:%t%t%9%n%tSID 筛选:%t%t%10 |
A new trust was created to a domain.%n%nSubject:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%4%n%tAccount Domain:%t%t%5%n%tLogon ID:%t%t%6%n%nTrusted Domain:%n%tDomain Name:%t%t%1%n%tDomain ID:%t%t%2%n%nTrust Information:%n%tTrust Type:%t%t%7%n%tTrust Direction:%t%t%8%n%tTrust Attributes:%t%t%9%n%tSID Filtering:%t%t%10 |
| 0x1263 | 已删除对域的信任。%n%n使用者:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%4%n%t帐户域:%t%t%5%n%t登录 ID:%t%t%6%n%n域信息:%n%t域名:%t%t%1%n%t域 ID:%t%t%2 |
A trust to a domain was removed.%n%nSubject:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%4%n%tAccount Domain:%t%t%5%n%tLogon ID:%t%t%6%n%nDomain Information:%n%tDomain Name:%t%t%1%n%tDomain ID:%t%t%2 |
| 0x1265 | 已启动 IPSec 策略代理服务。%n%n%1%n%n策略来源:%t%2%n%n%3 |
The IPsec Policy Agent service was started.%n%n%1%n%nPolicy Source: %t%2%n%n%3 |
| 0x1266 | 已禁用 IPSec 策略代理服务。%n%n%1%n%2 |
The IPsec Policy Agent service was disabled.%n%n%1%n%2 |
| 0x1267 | %1 |
%1 |
| 0x1268 | IPSec 策略代理遇到可能很严重的错误。%n%1 |
IPsec Policy Agent encountered a potentially serious failure.%n%1 |
| 0x1269 | 已更改 Kerberos 策略。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n所做的更改:%n[“--”表示没有更改,否则每个更改将显示为:%n(参数名):%t(新值)(旧值)]%n%5 |
Kerberos policy was changed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nChanges Made:%n('--' means no changes, otherwise each change is shown as:%n(Parameter Name):%t(new value) (old value))%n%5 |
| 0x126A | 加密文件系统(EFS)的“数据恢复代理程序”组策略已更改。已应用这些新更改。 |
Data Recovery Agent group policy for Encrypting File System (EFS) has changed. The new changes have been applied. |
| 0x126B | 已更改对象的审核策略(SACL)。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%3%n%t登录 ID:%t%t%4%n%n审核策略更改:%n%t原始安全描述符:%t%5%n%t新安全描述符:%t%t%6 |
The audit policy (SACL) on an object was changed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain: %t%3%n%tLogon ID: %t%t%4%n%nAudit Policy Change:%n%tOriginal Security Descriptor: %t%5%n%tNew Security Descriptor: %t%t%6 |
| 0x126C | 已更改受信任的域信息。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n受信任域:%n%t域名:%t%t%5%n%t域 ID:%t%t%6%n%n新信任信息:%n%t信任类型:%t%t%7%n%t信任方向:%t%t%8%n%t信任属性:%t%t%9%n%tSID 筛选:%t%t%10 |
Trusted domain information was modified.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nTrusted Domain:%n%tDomain Name:%t%t%5%n%tDomain ID:%t%t%6%n%nNew Trust Information:%n%tTrust Type:%t%t%7%n%tTrust Direction:%t%t%8%n%tTrust Attributes:%t%t%9%n%tSID Filtering:%t%t%10 |
| 0x126D | 已为帐户授予系统安全访问权限。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n已修改的帐户:%n%t帐户名:%t%t%5%n%n已授予的访问权限:%n%t访问权限:%t%t%6 |
System security access was granted to an account.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nAccount Modified:%n%tAccount Name:%t%t%5%n%nAccess Granted:%n%tAccess Right:%t%t%6 |
| 0x126E | 已从帐户删除系统安全访问权限。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n已修改的帐户:%n%t帐户名:%t%t%5%n%n已删除的访问权限:%n%t访问权限:%t%t%6 |
System security access was removed from an account.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nAccount Modified:%n%tAccount Name:%t%t%5%n%nAccess Removed:%n%tAccess Right:%t%t%6 |
| 0x126F | 已更改系统审核策略。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n审核策略更改:%n%t类别:%t%t%5%n%t子类别:%t%t%6%n%t子类别 GUID:%t%7%n%t更改:%t%t%8 |
System audit policy was changed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nAudit Policy Change:%n%tCategory:%t%t%5%n%tSubcategory:%t%t%6%n%tSubcategory GUID:%t%7%n%tChanges:%t%t%8 |
| 0x1270 | 已创建用户帐户。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n新帐户:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%n属性:%n%tSAM 帐户名:%t%9%n%t显示名称:%t%10%n%t用户主体名称:%t%11%n%t主目录:%t%t%12%n%t主驱动器:%t%13%n%t脚本路径:%t%14%n%t配置文件路径:%t%15%n%t用户工作站:%t%16%n%t上次设置的密码:%17%n%t帐户过期:%t%18%n%t主要组 ID:%t%19%n%t允许委托给:%t%20%n%t旧 UAC 值:%t%21%n%t新 UAC 值:%t%22%n%t用户帐户控制:%t%23%n%t用户参数:%t%24%n%tSID 历史:%t%25%n%t登录时间(以小时计):%26%n%n附加信息:%n%t特权%t%t%8 |
A user account was created.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nNew Account:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nAttributes:%n%tSAM Account Name:%t%9%n%tDisplay Name:%t%t%10%n%tUser Principal Name:%t%11%n%tHome Directory:%t%t%12%n%tHome Drive:%t%t%13%n%tScript Path:%t%t%14%n%tProfile Path:%t%t%15%n%tUser Workstations:%t%16%n%tPassword Last Set:%t%17%n%tAccount Expires:%t%t%18%n%tPrimary Group ID:%t%19%n%tAllowed To Delegate To:%t%20%n%tOld UAC Value:%t%t%21%n%tNew UAC Value:%t%t%22%n%tUser Account Control:%t%23%n%tUser Parameters:%t%24%n%tSID History:%t%t%25%n%tLogon Hours:%t%t%26%n%nAdditional Information:%n%tPrivileges%t%t%8 |
| 0x1272 | 已启用用户帐户。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n目标帐户:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2 |
A user account was enabled.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nTarget Account:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2 |
| 0x1273 | 试图更改帐户密码。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n目标帐户:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%n附加信息:%n%t特权%t%t%8 |
An attempt was made to change an account's password.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nTarget Account:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nAdditional Information:%n%tPrivileges%t%t%8 |
| 0x1274 | 试图重置帐户密码。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n目标帐户:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2 |
An attempt was made to reset an account's password.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nTarget Account:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2 |
| 0x1275 | 已禁用用户帐户。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n目标帐户:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2 |
A user account was disabled.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nTarget Account:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2 |
| 0x1276 | 已删除用户帐户。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n目标帐户:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%n附加信息:%n%t特权%t%8 |
A user account was deleted.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nTarget Account:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nAdditional Information:%n%tPrivileges%t%8 |
| 0x1277 | 已创建启用了安全性的全局组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n新组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A security-enabled global group was created.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nNew Group:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nAttributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x1278 | 已向启用了安全性的全局组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10%n到期时间:%t%t%11 |
A member was added to a security-enabled global group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10%nExpiration time:%t%t%11 |
| 0x1279 | 已从启用了安全性的全局组中删除某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was removed from a security-enabled global group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0x127A | 已删除启用了安全性的全局组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n删除的组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n附加信息:%n%t特权:%t%t%8 |
A security-enabled global group was deleted.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nDeleted Group:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x127B | 已创建启用了安全性的本地组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n新组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A security-enabled local group was created.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nNew Group:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nAttributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x127C | 已向启用了安全性的本地组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10%n%t到期时间:%t%t%11 |
A member was added to a security-enabled local group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10%n%tExpiration time:%t%t%11 |
| 0x127D | 已从启用了安全性的本地组中删除某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was removed from a security-enabled local group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0x127E | 已删除启用了安全性的本地组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n附加信息:%n%t特权:%t%t%8 |
A security-enabled local group was deleted.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x127F | 已更改启用了安全性的本地组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n已更改的属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A security-enabled local group was changed.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nChanged Attributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x1281 | 已更改启用了安全性的全局组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n已更改的属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A security-enabled global group was changed.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nChanged Attributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x1282 | 已更改用户帐户。%n%n使用者:%n%t安全 ID:%t%t%5%n%t帐户名:%t%t%6%n%t帐户域:%t%t%7%n%t登录 ID:%t%t%8%n%n目标帐户:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%n已更改的属性:%n%tSAM 帐户名:%t%10%n%t显示名称:%t%t%11%n%t用户主体名称:%t%12%n%t主目录:%t%t%13%n%t主驱动器:%t%14%n%t脚本路径:%t%15%n%t配置文件路径:%t%16%n%t用户工作站:%t%17%n%t上次设置的密码:%t%18%n%t帐户过期:%t%19%n%t主要组 ID:%t%20%n%t允许委派给:%t%21%n%t旧 UAC 值:%t%22%n%t新 UAC 值:%t%23%n%t用户帐户控制:%t%24%n%t用户参数:%t%25%n%tSID 历史:%t%26%n%t登录时间(以小时计):%27%n%n附加信息:%n%t特权:%t%t%9 |
A user account was changed.%n%nSubject:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%6%n%tAccount Domain:%t%t%7%n%tLogon ID:%t%t%8%n%nTarget Account:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%nChanged Attributes:%n%tSAM Account Name:%t%10%n%tDisplay Name:%t%t%11%n%tUser Principal Name:%t%12%n%tHome Directory:%t%t%13%n%tHome Drive:%t%t%14%n%tScript Path:%t%t%15%n%tProfile Path:%t%t%16%n%tUser Workstations:%t%17%n%tPassword Last Set:%t%18%n%tAccount Expires:%t%t%19%n%tPrimary Group ID:%t%20%n%tAllowedToDelegateTo:%t%21%n%tOld UAC Value:%t%t%22%n%tNew UAC Value:%t%t%23%n%tUser Account Control:%t%24%n%tUser Parameters:%t%25%n%tSID History:%t%t%26%n%tLogon Hours:%t%t%27%n%nAdditional Information:%n%tPrivileges:%t%t%9 |
| 0x1283 | 已更改域策略。%n%n更改类型:%t%t%1 已更改%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n域:%n%t域名:%t%t%2%n%t域 ID:%t%t%3%n%n已更改的属性:%n%t密码最小存留期:%t%9%n%t密码最大存留期:%t%10%n%t强制注销:%t%t%11%n%t锁定阈值:%t%12%n%t锁定观察窗口:%t%13%n%t锁定持续时间:%t%14%n%t密码属性:%t%15%n%t密码最小长度:%t%16%n%t密码历史长度:%t%17%n%t计算机帐户配额:%t%18%n%t混合域模式:%t%19%n%t域行为版本:%t%20%n%tOEM 信息:%t%21%n%n附加信息:%n%t特权:%t%t%8 |
Domain Policy was changed.%n%nChange Type:%t%t%1 modified%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nDomain:%n%tDomain Name:%t%t%2%n%tDomain ID:%t%t%3%n%nChanged Attributes:%n%tMin. Password Age:%t%9%n%tMax. Password Age:%t%10%n%tForce Logoff:%t%t%11%n%tLockout Threshold:%t%12%n%tLockout Observation Window:%t%13%n%tLockout Duration:%t%14%n%tPassword Properties:%t%15%n%tMin. Password Length:%t%16%n%tPassword History Length:%t%17%n%tMachine Account Quota:%t%18%n%tMixed Domain Mode:%t%19%n%tDomain Behavior Version:%t%20%n%tOEM Information:%t%21%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x1284 | 已锁定用户帐户。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n已锁定的帐户:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%n附加信息:%n%t调用方计算机名:%t%2 |
A user account was locked out.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nAccount That Was Locked Out:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%nAdditional Information:%n%tCaller Computer Name:%t%2 |
| 0x1285 | 已创建计算机帐户。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n新计算机帐户:%t%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%n属性:%n%tSAM 帐户名:%t%9%n%t显示名称:%t%t%10%n%t用户主体名称:%t%11%n%t主目录:%t%t%12%n%t主驱动器:%t%13%n%t脚本路径:%t%14%n%t配置文件路径:%t%15%n%t用户工作站:%t%16%n%t上次设置的密码: %17%n%t帐户过期:%t%18%n%t主要组 ID:%t%19%n%t允许委派给:%t%20%n%t旧 UAC 值:%t%21%n%t新 UAC 值:%t%22%n%t用户帐户控制:%t%23%n%t用户参数:%t%24%n%tSID 历史:%t%25%n%t登录时间(以小时计): %26%n%tDNS 主机名:%t%27%n%t服务主体名称:%t%28%n%n附加信息:%n%t特权%t%t%8 |
A computer account was created.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nNew Computer Account:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nAttributes:%n%tSAM Account Name:%t%9%n%tDisplay Name:%t%t%10%n%tUser Principal Name:%t%11%n%tHome Directory:%t%t%12%n%tHome Drive:%t%t%13%n%tScript Path:%t%t%14%n%tProfile Path:%t%t%15%n%tUser Workstations:%t%16%n%tPassword Last Set:%t%17%n%tAccount Expires:%t%t%18%n%tPrimary Group ID:%t%19%n%tAllowedToDelegateTo:%t%20%n%tOld UAC Value:%t%t%21%n%tNew UAC Value:%t%t%22%n%tUser Account Control:%t%23%n%tUser Parameters:%t%24%n%tSID History:%t%t%25%n%tLogon Hours:%t%t%26%n%tDNS Host Name:%t%t%27%n%tService Principal Names:%t%28%n%nAdditional Information:%n%tPrivileges%t%t%8 |
| 0x1286 | 已更改计算机帐户。%n%n使用者:%n%t安全 ID:%t%t%5%n%t帐户名:%t%t%6%n%t帐户域:%t%t%7%n%t登录 ID:%t%t%8%n%n已更改的计算机帐户:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%n已更改的属性:%n%tSAM 帐户名:%t%10%n%t显示名称:%t%t%11%n%t用户主体名称:%t%12%n%t主目录:%t%t%13%n%t主驱动器:%t%t%14%n%t脚本路径:%t%t%15%n%t配置文件路径:%t%t%16%n%t用户工作站:%t%17%n%t上次设置的密码:%t%18%n%t帐户过期:%t%t%19%n%t主要组 ID:%t%20%n%t允许委派给:%t%21%n%t旧 UAC 值:%t%t%22%n%t新 UAC 值:%t%t%23%n%t用户帐户控制:%t%24%n%t用户参数:%t%25%n%tSID 历史:%t%t%26%n%t登录时间(以小时计):%t%t%27%n%tDNS 主机名:%t%t%28%n%t服务主体名称:%t%29%n%n附加信息:%n%t特权:%t%t%9 |
A computer account was changed.%n%nSubject:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%6%n%tAccount Domain:%t%t%7%n%tLogon ID:%t%t%8%n%nComputer Account That Was Changed:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%nChanged Attributes:%n%tSAM Account Name:%t%10%n%tDisplay Name:%t%t%11%n%tUser Principal Name:%t%12%n%tHome Directory:%t%t%13%n%tHome Drive:%t%t%14%n%tScript Path:%t%t%15%n%tProfile Path:%t%t%16%n%tUser Workstations:%t%17%n%tPassword Last Set:%t%18%n%tAccount Expires:%t%t%19%n%tPrimary Group ID:%t%20%n%tAllowedToDelegateTo:%t%21%n%tOld UAC Value:%t%t%22%n%tNew UAC Value:%t%t%23%n%tUser Account Control:%t%24%n%tUser Parameters:%t%25%n%tSID History:%t%t%26%n%tLogon Hours:%t%t%27%n%tDNS Host Name:%t%t%28%n%tService Principal Names:%t%29%n%nAdditional Information:%n%tPrivileges:%t%t%9 |
| 0x1287 | 已删除计算机帐户。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n目标计算机:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%n附加信息:%n%t特权:%t%t%8 |
A computer account was deleted.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nTarget Computer:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x1288 | 已创建禁用了安全性的本地组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n新组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A security-disabled local group was created.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nNew Group:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nAttributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x1289 | 已更改禁用了安全性的本地组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n已更改的属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A security-disabled local group was changed.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nChanged Attributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x128A | 已向禁用了安全性的本地组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10%n到期时间:%t%t%11 |
A member was added to a security-disabled local group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10%nExpiration time:%t%t%11 |
| 0x128B | 已从禁用安全性的本地组中删除某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was removed from a security-disabled local group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0x128C | 已删除禁用了安全性的本地组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n附加信息:%n%t特权:%t%t%8 |
A security-disabled local group was deleted.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x128D | 已创建禁用了安全性的全局组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A security-disabled global group was created.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nAttributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x128E | 已更改禁用了安全性的全局组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n已更改的属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A security-disabled global group was changed.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nChanged Attributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x128F | 已向禁用了安全性的全局组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10%n到期时间:%t%t%11 |
A member was added to a security-disabled global group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10%nExpiration time:%t%t%11 |
| 0x1290 | 已从禁用安全性的全局组中删除某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was removed from a security-disabled global group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0x1291 | 已删除禁用了安全性的全局组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n附加信息:%n%t特权:%t%t%8 |
A security-disabled global group was deleted.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x1292 | 已创建启用了安全性的通用组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A security-enabled universal group was created.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nAttributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x1293 | 已更改启用了安全性的通用组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n已更改的属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A security-enabled universal group was changed.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nChanged Attributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x1294 | 已向启用了安全性的通用组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t帐户名称:%t%t%3%n%t帐户域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10%n到期时间:%t%t%11 |
A member was added to a security-enabled universal group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%3%n%tAccount Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10%nExpiration time:%t%t%11 |
| 0x1295 | 已从启用了安全性的通用组删除某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was removed from a security-enabled universal group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0x1296 | 已删除启用了安全性的通用组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n附加信息:%n%t特权:%t%t%8 |
A security-enabled universal group was deleted.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x1297 | 已创建禁用了安全性的通用组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A security-disabled universal group was created.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nAttributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x1298 | 已更改禁用了安全性的通用组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n已更改的属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A security-disabled universal group was changed.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nChanged Attributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x1299 | 已向禁用了安全性的通用组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10%n到期时间:%t%t%11 |
A member was added to a security-disabled universal group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10%nExpiration time:%t%t%11 |
| 0x129A | 已从禁用了安全性的通用组删除某个成员%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was removed from a security-disabled universal group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0x129B | 已删除禁用了安全性的通用组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n附加信息:%n%t特权:%t%t%8 |
A security-disabled universal group was deleted.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x129C | 已更改组的类型。%n%n使用者:%n%t安全 ID:%t%t%5%n%t帐户名:%t%t%6%n%t帐户域:%t%t%7%n%t登录 ID:%t%t%8%n%n更改类型:%t%t%t%1%n%n组:%n%t安全 ID:%t%t%4%n%t组名:%t%t%2%n%t组域:%t%t%3%n%n附加信息:%n%t特权:%t%t%9 |
A group’s type was changed.%n%nSubject:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%6%n%tAccount Domain:%t%t%7%n%tLogon ID:%t%t%8%n%nChange Type:%t%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%4%n%tGroup Name:%t%t%2%n%tGroup Domain:%t%t%3%n%nAdditional Information:%n%tPrivileges:%t%t%9 |
| 0x129D | 已向帐户中添加 SID 历史。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n目标帐户:%n%t安全 ID:%t%t%5%n%t帐户名:%t%t%3%n%t帐户域:%t%t%4%n%n源帐户:%n%t安全 ID:%t%t%2%n%t帐户名:%t%t%1%n%n附加信息:%n%t特权:%t%t%10%n%tSID 列表:%t%t%t%11 |
SID History was added to an account.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nTarget Account:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%3%n%tAccount Domain:%t%t%4%n%nSource Account:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nAdditional Information:%n%tPrivileges:%t%t%10%n%tSID List:%t%t%t%11 |
| 0x129E | 试图向帐户添加 SID 历史失败。%n%n使用者:%n%t安全 ID:%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n目标帐户:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%n源帐户%n%t帐户名:%t%t%1%n%n附加信息:%n%t特权:%t%t%8 |
An attempt to add SID History to an account failed.%n%nSubject:%n%tSecurity ID:%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nTarget Account:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%nSource Account%n%tAccount Name:%t%t%1%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x129F | 已解除锁定的用户帐户。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n目标帐户:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2 |
A user account was unlocked.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nTarget Account:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2 |
| 0x12A0 | 已请求 Kerberos 身份验证票证(TGT)。%n%n帐户信息:%n%t帐户名称:%t%t%1%n%t已提供的领域名称:%t%2%n%t用户 ID:%t%t%t%3%n%n服务信息:%n%t服务名称:%t%t%4%n%t服务 ID:%t%t%5%n%n网络信息:%n%t客户端地址:%t%t%10%n%t客户端端口:%t%t%11%n%n附加信息:%n%t票证选项:%t%t%6%n%t结果代码:%t%t%7%n%t票证加密类型:%t%8%n%t预身份验证类型:%t%9%n%n证书信息:%n%t证书颁发者名称:%t%t%12%n%t证书序列号:%t%13%n%t证书指纹:%t%t%14%n%n仅当证书用于预身份验证时才提供证书信息。%n%n预身份验证类型、票证选项、加密类型和结果代码在 RFC 4120 中定义。 |
A Kerberos authentication ticket (TGT) was requested.%n%nAccount Information:%n%tAccount Name:%t%t%1%n%tSupplied Realm Name:%t%2%n%tUser ID:%t%t%t%3%n%nService Information:%n%tService Name:%t%t%4%n%tService ID:%t%t%5%n%nNetwork Information:%n%tClient Address:%t%t%10%n%tClient Port:%t%t%11%n%nAdditional Information:%n%tTicket Options:%t%t%6%n%tResult Code:%t%t%7%n%tTicket Encryption Type:%t%8%n%tPre-Authentication Type:%t%9%n%nCertificate Information:%n%tCertificate Issuer Name:%t%t%12%n%tCertificate Serial Number:%t%13%n%tCertificate Thumbprint:%t%t%14%n%nCertificate information is only provided if a certificate was used for pre-authentication.%n%nPre-authentication types, ticket options, encryption types and result codes are defined in RFC 4120. |
| 0x12A1 | 已请求 Kerberos 服务票证。%n%n帐户信息:%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%t登录 GUID:%t%t%10%n%n服务信息:%n%t服务名称:%t%t%3%n%t服务 ID:%t%t%4%n%n网络信息:%n%t客户端地址:%t%t%7%n%t客户端端口:%t%t%8%n%n附加信息:%n%t票证选项:%t%t%5%n%t票证加密类型:%t%6%n%t故障代码:%t%t%9%n%t传递服务:%t%11%n%n每次请求访问资源(例如计算机或 Windows 服务)时生成此事件。服务名称表示请求访问的资源。%n%n可以通过比较每个事件中的“登录 GUID”字段将此事件与 Windows 登录事件相关联。登录事件发生在被访问的计算机上,通常情况下,该计算机不是颁发服务票证的域控制器计算机。%n%n票证选项、加密类型和故障代码是在 RFC 4120 中定义的。 |
A Kerberos service ticket was requested.%n%nAccount Information:%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%tLogon GUID:%t%t%10%n%nService Information:%n%tService Name:%t%t%3%n%tService ID:%t%t%4%n%nNetwork Information:%n%tClient Address:%t%t%7%n%tClient Port:%t%t%8%n%nAdditional Information:%n%tTicket Options:%t%t%5%n%tTicket Encryption Type:%t%6%n%tFailure Code:%t%t%9%n%tTransited Services:%t%11%n%nThis event is generated every time access is requested to a resource such as a computer or a Windows service. The service name indicates the resource to which access was requested.%n%nThis event can be correlated with Windows logon events by comparing the Logon GUID fields in each event. The logon event occurs on the machine that was accessed, which is often a different machine than the domain controller which issued the service ticket.%n%nTicket options, encryption types, and failure codes are defined in RFC 4120. |
| 0x12A2 | 已续订 Kerberos 服务票证。%n%n帐户信息:%n%t帐户名称:%t%t%1%n%t帐户域:%t%t%2%n%n服务信息:%n%t服务名称:%t%t%3%n%t服务 ID:%t%t%4%n%n网络信息:%n%t客户端地址:%t%t%7%n%t客户端端口:%t%t%8%n%n附加信息:%n%t票证选项:%t%t%5%n%t票证加密类型:%t%6%n%n票证选项和加密类型在 RFC 4120 中定义。 |
A Kerberos service ticket was renewed.%n%nAccount Information:%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nService Information:%n%tService Name:%t%t%3%n%tService ID:%t%t%4%n%nNetwork Information:%n%tClient Address:%t%t%7%n%tClient Port:%t%t%8%n%nAdditional Information:%n%tTicket Options:%t%t%5%n%tTicket Encryption Type:%t%6%n%nTicket options and encryption types are defined in RFC 4120. |
| 0x12A3 | Kerberos 预身份验证失败。%n%n帐户信息:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n服务信息:%n%t服务名称:%t%t%3%n%n网络信息:%n%t客户端地址:%t%t%7%n%t客户端端口:%t%t%8%n%n附加信息:%n%t票证选项:%t%t%4%n%t失败代码:%t%t%5%n%t预身份验证类型:%t%6%n%n证书信息:%n%t证书颁发者名称:%t%t%9%n%t证书序列号:%t%10%n%t证书指纹:%t%t%11%n%n仅当证书用于预身份验证时才会提供证书信息。%n%n预身份验证类型、票证选项和失败代码在 RFC 4120 中定义。%n%n如果票证在传递过程中格式错误或者损坏因而无法解密,则可能无法提供此事件中的很多字段。 |
Kerberos pre-authentication failed.%n%nAccount Information:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nService Information:%n%tService Name:%t%t%3%n%nNetwork Information:%n%tClient Address:%t%t%7%n%tClient Port:%t%t%8%n%nAdditional Information:%n%tTicket Options:%t%t%4%n%tFailure Code:%t%t%5%n%tPre-Authentication Type:%t%6%n%nCertificate Information:%n%tCertificate Issuer Name:%t%t%9%n%tCertificate Serial Number: %t%10%n%tCertificate Thumbprint:%t%t%11%n%nCertificate information is only provided if a certificate was used for pre-authentication.%n%nPre-authentication types, ticket options and failure codes are defined in RFC 4120.%n%nIf the ticket was malformed or damaged during transit and could not be decrypted, then many fields in this event might not be present. |
| 0x12A4 | Kerberos 身份验证票证请求失败。%n%n帐户信息:%n%t帐户名称:%t%t%1%n%t已提供的领域名称:%t%2%n%n服务信息:%n%t服务名称:%t%3%n%n网络信息:%n%t客户端地址:%t%6%n%t客户端端口:%t%7%n%n附加信息:%n%t票证选项:%t%4%n%t失败代码:%t%5%n%n票证选项和失败代码在 RFC 4120 中定义。 |
A Kerberos authentication ticket request failed.%n%nAccount Information:%n%tAccount Name:%t%t%1%n%tSupplied Realm Name:%t%2%n%nService Information:%n%tService Name:%t%3%n%nNetwork Information:%n%tClient Address:%t%6%n%tClient Port:%t%7%n%nAdditional Information:%n%tTicket Options:%t%4%n%tFailure Code:%t%5%n%nTicket options and failure codes are defined in RFC 4120. |
| 0x12A5 | Kerberos 服务票证失败。%n%n帐户信息:%n%t帐户名称:%t%t%1%n%t帐户域:%t%t%2%n%n服务信息:%n%t服务名称:%t%3%n%n网络信息:%n%t客户端地址:%t%6%n%t客户端端口:%t%7%n%n附加信息:%n%t票证选项:%t%4%n%t失败代码:%t%5%n%n票证选项和失败代码在 RFC 4120 中定义。 |
A Kerberos service ticket request failed.%n%nAccount Information:%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nService Information:%n%tService Name:%t%3%n%nNetwork Information:%n%tClient Address:%t%6%n%tClient Port:%t%7%n%nAdditional Information:%n%tTicket Options:%t%4%n%tFailure Code:%t%5%n%nTicket options and failure codes are defined in RFC 4120. |
| 0x12A6 | 已为登录映射帐户。%n%n身份验证数据包:%t%1%n帐户 UPN:%t%2%n已映射的名称:%t%3 |
An account was mapped for logon.%n%nAuthentication Package:%t%1%nAccount UPN:%t%2%nMapped Name:%t%3 |
| 0x12A7 | 无法为登录映射帐户。%n%n身份验证数据包:%t%t%1%n帐户名:%t%t%2 |
An account could not be mapped for logon.%n%nAuthentication Package:%t%t%1%nAccount Name:%t%t%2 |
| 0x12A8 | 计算机试图验证帐户的凭据。%n%n验证包:%t%1%n登录帐户:%t%2%n源工作站:%t%3%n错误代码:%t%4 |
The computer attempted to validate the credentials for an account.%n%nAuthentication Package:%t%1%nLogon Account:%t%2%nSource Workstation:%t%3%nError Code:%t%4 |
| 0x12A9 | 域控制器为帐户验证凭据失败。%n%n身份验证数据包:%t%1%n登录帐户:%t%2%n源工作站:%t%3%n错误代码:%t%4 |
The domain controller failed to validate the credentials for an account.%n%nAuthentication Package:%t%1%nLogon Account:%t%2%nSource Workstation:%t%3%nError Code:%t%4 |
| 0x12AA | 已将会话重新连接到窗口站。%n%n使用者:%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%t登录 ID:%t%t%3%n%n会话:%n%t会话名:%t%t%4%n%n附加信息:%n%t客户端名:%t%t%5%n%t客户端地址:%t%t%6%n%n当用户重新连接到现有终端服务会话,或者用户使用“快速用户切换”切换到现有桌面时生成此事件。 |
A session was reconnected to a Window Station.%n%nSubject:%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%tLogon ID:%t%t%3%n%nSession:%n%tSession Name:%t%t%4%n%nAdditional Information:%n%tClient Name:%t%t%5%n%tClient Address:%t%t%6%n%nThis event is generated when a user reconnects to an existing Terminal Services session, or when a user switches to an existing desktop using Fast User Switching. |
| 0x12AB | 已断开会话与窗口站的连接。%n%n使用者:%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%t登录 ID:%t%t%3%n%n会话:%n%t会话名:%t%t%4%n%n附加信息:%n%t客户端名:%t%t%5%n%t客户端地址:%t%t%6%n%n%n当用户断开与现有终端服务会话的连接,或者用户使用“快速用户切换”离开现有桌面时生成此事件。 |
A session was disconnected from a Window Station.%n%nSubject:%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%tLogon ID:%t%t%3%n%nSession:%n%tSession Name:%t%t%4%n%nAdditional Information:%n%tClient Name:%t%t%5%n%tClient Address:%t%t%6%n%n%nThis event is generated when a user disconnects from an existing Terminal Services session, or when a user switches away from an existing desktop using Fast User Switching. |
| 0x12AC | 已设置 Administrators 组成员帐户上的 ACL。%n%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n目标帐户:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%n附加信息:%n%t特权:%t%t%8%n%n担当主域控制器(PDC)灵活单主机操作(FSMO)角色的 Windows 域控制器每小时会对所有在 Active Directory 中为其域提供的安全主体帐户(用户、组以及计算机帐户)以及管理组中的帐户上的 ACL 与 AdminSDHolder 对象上的 ACL 进行对比。如果主体帐户上的 ACL 与 AdminSDHolder 对象上的 ACL 不同,便会将主体帐户上的 ACL 重置为与 AdminSDHolder 对象上的 ACL 相符并生成此事件。 |
The ACL was set on accounts which are members of administrators groups.%n%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nTarget Account:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nAdditional Information:%n%tPrivileges:%t%t%8%n%nEvery hour, the Windows domain controller that holds the primary domain controller (PDC) Flexible Single Master Operation (FSMO) role compares the ACL on all security principal accounts (users, groups, and machine accounts) present for its domain in Active Directory and that are in administrative groups against the ACL on the AdminSDHolder object. If the ACL on the principal account differs from the ACL on the AdminSDHolder object, then the ACL on the principal account is reset to match the ACL on the AdminSDHolder object and this event is generated. |
| 0x12AD | 已更改帐户名:%n%n使用者:%n%t安全 ID:%t%t%5%n%t帐户名:%t%t%6%n%t帐户域:%t%t%7%n%t登录 ID:%t%t%8%n%n目标帐户:%n%t安全 ID:%t%t%4%n%t帐户域:%t%t%3%n%t旧帐户名:%t%1%n%t新帐户名:%t%2%n%n附加信息:%n%t特权:%t%t%9 |
The name of an account was changed:%n%nSubject:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%6%n%tAccount Domain:%t%t%7%n%tLogon ID:%t%t%8%n%nTarget Account:%n%tSecurity ID:%t%t%4%n%tAccount Domain:%t%t%3%n%tOld Account Name:%t%1%n%tNew Account Name:%t%2%n%nAdditional Information:%n%tPrivileges:%t%t%9 |
| 0x12AE | 已访问帐户的密码哈希。%n%n使用者:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%4%n%t帐户域:%t%t%5%n%t登录 ID:%t%t%6%n%n目标帐户:%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2 |
The password hash an account was accessed.%n%nSubject:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%4%n%tAccount Domain:%t%t%5%n%tLogon ID:%t%t%6%n%nTarget Account:%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2 |
| 0x12AF | 已创建基本应用程序组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%n属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A basic application group was created.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nAttributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x12B0 | 已更改基本应用程序组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%n属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
A basic application group was changed.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nAttributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x12B1 | 已向基本应用程序组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10%n到期时间:%t%t%11 |
A member was added to a basic application group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10%nExpiration time:%t%t%11 |
| 0x12B2 | 已从基本应用程序组中删除某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was removed from a basic application group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0x12B3 | 已向基本应用程序组添加某个非成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t帐户名:%t%t%3%n%t帐户域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10%n%n非成员是基本应用程序组中明确排除在成员身份之外的帐户。如果帐户被列为非成员,则即使明确地或通过嵌套组成员身份指定帐户为应用程序组成员,该帐户仍不会被视为组成员。 |
A non-member was added to a basic application group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%3%n%tAccount Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10%n%nA non-member is an account that is explicitly excluded from membership in a basic application group. Even if the account is specified as a member of the application group, either explicitly or through nested group membership, the account will not be treated as a group member if it is listed as a non-member. |
| 0x12B4 | 已从基本应用程序组删除某个非成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t帐户名:%t%t%3%n%t帐户域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10%n%n非成员是基本应用程序组中明确排除在成员身份之外的帐户。如果帐户被列为非成员,则即使明确地或通过嵌套组成员身份指定帐户为应用程序组成员,该帐户仍不会被视为组成员。 |
A non-member was removed from a basic application group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%3%n%tAccount Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10%n%nA non-member is an account that is explicitly excluded from membership in a basic application group. Even if the account is specified as a member of the application group, either explicitly or through nested group membership, the account will not be treated as a group member if it is listed as a non-member. |
| 0x12B5 | 已删除基本应用程序组。%n%nSubject:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%n附加信息:%n%t特权:%t%t%8 |
A basic application group was deleted.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x12B6 | 已创建 LDAP 查询。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%n属性:%n%tSAM 帐户名:%t%9%n%tSID 历史:%t%t%10%n%n附加信息:%n%t特权:%t%t%8 |
An LDAP query group was created.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nAttributes:%n%tSAM Account Name:%t%9%n%tSID History:%t%t%10%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x12B8 | 已删除 LDAP 查询组。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%1%n%t帐户域:%t%t%2%n%n附加信息:%n%t特权:%t%t%8 |
An LDAP query group was deleted.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nAdditional Information:%n%tPrivileges:%t%t%8 |
| 0x12B9 | 已调用密码策略检查 API。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n附加信息:%n%t调用方工作站:%t%5%n%t已提供的帐户名(未经过身份验证):%t%6%n%t状态代码:%t%7 |
The Password Policy Checking API was called.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nAdditional Information:%n%tCaller Workstation:%t%5%n%tProvided Account Name (unauthenticated):%t%6%n%tStatus Code:%t%7 |
| 0x12BA | 试图设置目录服务还原模式管理员密码。%n%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n附加信息:%n%t调用方工作站:%t%5%n%t状态代码:%t%6 |
An attempt was made to set the Directory Services Restore Mode%nadministrator password.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nAdditional Information:%n%tCaller Workstation:%t%5%n%tStatus Code:%t%6 |
| 0x12BD | 试图查询帐户是否存在空白密码。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n其他信息:%n%t调用方工作站:%t%5%n%t目标帐户名:%t%6%n%t目标帐户域:%t%7 |
An attempt was made to query the existence of a blank password for an account.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nAdditional Information:%n%tCaller Workstation:%t%5%n%tTarget Account Name:%t%6%n%tTarget Account Domain:%t%7 |
| 0x12BE | 已枚举用户的本地组成员身份。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名称:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n用户:%n%t安全 ID:%t%t%3%n%t帐户名称:%t%t%1%n%t帐户域:%t%t%2%n%n进程信息:%n%t进程 ID:%t%t%8%n%t进程名称:%t%t%9 |
A user's local group membership was enumerated.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nUser:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%nProcess Information:%n%tProcess ID:%t%t%8%n%tProcess Name:%t%t%9 |
| 0x12BF | 已枚举启用了安全机制的本地组成员身份。%n%n使用者:%n%t安全 ID:%t%t%4%n%t帐户名称:%t%t%5%n%t帐户域:%t%t%6%n%t登录 ID:%t%t%7%n%n组:%n%t安全 ID:%t%t%3%n%t组名:%t%t%1%n%t组域:%t%t%2%n%n进程信息:%n%t进程 ID:%t%t%8%n%t进程名称:%t%t%9 |
A security-enabled local group membership was enumerated.%n%nSubject:%n%tSecurity ID:%t%t%4%n%tAccount Name:%t%t%5%n%tAccount Domain:%t%t%6%n%tLogon ID:%t%t%7%n%nGroup:%n%tSecurity ID:%t%t%3%n%tGroup Name:%t%t%1%n%tGroup Domain:%t%t%2%n%nProcess Information:%n%tProcess ID:%t%t%8%n%tProcess Name:%t%t%9 |
| 0x12C0 | 已锁定工作站。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%t会话 ID:%t%5 |
The workstation was locked.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%tSession ID:%t%5 |
| 0x12C1 | 已解除工作站锁定。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%t会话 ID:%t%5 |
The workstation was unlocked.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%tSession ID:%t%5 |
| 0x12C2 | 已调用屏幕保护程序。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%t会话 ID:%t%5 |
The screen saver was invoked.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%tSession ID:%t%5 |
| 0x12C3 | 已解除屏幕保护程序。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%t会话 ID:%t%5 |
The screen saver was dismissed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%tSession ID:%t%5 |
| 0x12D0 | RPC 在解密传入消息时检测到完整性被破坏。%n%n对等名:%t%1%n协议序列:%t%2%n安全错误:%t%3 |
RPC detected an integrity violation while decrypting an incoming message.%n%nPeer Name:%t%1%nProtocol Sequence:%t%2%nSecurity Error:%t%3 |
| 0x12D1 | 对象上的审核设置已更改。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%5%n%t对象类型:%t%6%n%t对象名称:%t%7%n%n审核设置:%n%t原始安全描述符:%t%8%n%t新安全描述符:%t%t%9 |
Auditing settings on object were changed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%5%n%tObject Type:%t%6%n%tObject Name:%t%7%n%nAuditing Settings:%n%tOriginal Security Descriptor:%t%8%n%tNew Security Descriptor:%t%t%9 |
| 0x12D2 | 建议的中心访问策略未授予和当前中心访问策略相同的访问权限。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%t%5%n%t对象类型:%t%t%6%n%t对象名:%t%t%7%n%t句柄 ID:%t%t%8%n%n进程信息:%n%t进程 ID:%t%t%9%n%t进程名:%t%t%10%n%n当前的中心访问策略结果:%n%n%t访问原因:%t%t%11%n不同于当前中心访问策略结果的建议中心访问策略结果:%n%n%t访问原因:%t%t%12 |
Proposed Central Access Policy does not grant the same access permissions as the current Central Access Policy.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%t%5%n%tObject Type:%t%t%6%n%tObject Name:%t%t%7%n%tHandle ID:%t%t%8%n%nProcess Information:%n%tProcess ID:%t%t%9%n%tProcess Name:%t%t%10%n%nCurrent Central Access Policy results:%n%n%tAccess Reasons:%t%t%11%nProposed Central Access Policy results that differ from the current Central Access Policy results:%n%n%tAccess Reasons:%t%t%12 |
| 0x12D3 | 计算机上的中心访问策略已更改。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%t%5%n%t对象类型:%t%t%6%n%n添加的 CAP:%7%n%n删除的 CAP:%8%n%n修改的 CAP:%9%n%n保持原样的 CAP:%10 |
Central Access Policies on the machine have been changed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%t%5%n%tObject Type:%t%t%6%n%nCAPs Added:%7%n%nCAPs Deleted:%8%n%nCAPs Modified:%9%n%nCAPs As-Is:%10 |
| 0x12D4 | Kerberos 票证授予票证(TGT)已被拒绝,因为设备不符合访问控制限制。%n%n帐户信息:%n%t帐户名称:%t%t%1%n%t提供的领域名称:%t%2%n%t用户 ID:%t%t%t%3%n%n身份验证策略信息:%n%t接收器名称:%t%t%16%n%t策略名称:%t%t%17%n%tTGT 生存时间:%t%t%18%n%n设备信息:%n%t设备名称:%t%t%4%n%n服务信息:%n%t服务名称:%t%t%5%n%t服务 ID:%t%t%6%n%n网络信息:%n%t客户端地址:%t%t%11%n%t客户端端口:%t%t%12%n%n其他信息:%n%t票证选项:%t%t%7%n%t结果代码:%t%t%8%n%t票证加密类型:%t%9%n%t预身份验证类型:%t%10%n%n证书信息:%n%t证书颁发者名称:%t%t%13%n%t证书序列号:%t%14%n%t证书指纹:%t%t%15%n%n仅当某个证书已用于预身份验证时,才提供证书信息。%n%n预身份验证类型、票证选项、加密类型和结果代码已在 RFC 4120 中定义。 |
A Kerberos Ticket-granting-ticket (TGT) was denied because the device does not meet the access control restrictions.%n%nAccount Information:%n%tAccount Name:%t%t%1%n%tSupplied Realm Name:%t%2%n%tUser ID:%t%t%t%3%n%nAuthentication Policy Information:%n%tSilo Name:%t%t%16%n%tPolicy Name:%t%t%17%n%tTGT Lifetime:%t%t%18%n%nDevice Information:%n%tDevice Name:%t%t%4%n%nService Information:%n%tService Name:%t%t%5%n%tService ID:%t%t%6%n%nNetwork Information:%n%tClient Address:%t%t%11%n%tClient Port:%t%t%12%n%nAdditional Information:%n%tTicket Options:%t%t%7%n%tResult Code:%t%t%8%n%tTicket Encryption Type:%t%9%n%tPre-Authentication Type:%t%10%n%nCertificate Information:%n%tCertificate Issuer Name:%t%t%13%n%tCertificate Serial Number:%t%14%n%tCertificate Thumbprint:%t%t%15%n%nCertificate information is only provided if a certificate was used for pre-authentication.%n%nPre-authentication types, ticket options, encryption types and result codes are defined in RFC 4120. |
| 0x12D5 | Kerberos 服务票证已被拒绝,因为用户和/或设备不符合访问控制限制。%n%n帐户信息:%n%t帐户名称:%t%t%1%n%t帐户域:%t%t%2%n%t登录 GUID:%t%t%11%n%n身份验证策略信息:%n%t接收器名称:%t%t%13%n%t策略名称:%t%t%14%n%n设备信息:%n%t设备名称:%t%t%3%n%n服务信息:%n%t服务名称:%t%t%4%n%t服务 ID:%t%t%5%n%n网络信息:%n%t客户端地址:%t%t%8%n%t客户端端口:%t%t%9%n%n其他信息:%n%t票证选项:%t%t%6%n%t票证加密类型:%t%7%n%t失败代码:%t%t%10%n%t传递的服务:%t%12%n%n每次请求访问计算机或 Windows 服务等资源时,将生成此事件。服务名称指示已请求访问的资源。%n%n此事件可以与 Windows 登录事件关联,方法是比较每个事件中的登录 GUID 字段。登录事件发生在所访问的计算机上,该计算机通常不是颁发服务票证的域控制器所在的计算机。%n%n票证选项、加密类型和失败代码已在 RFC 4120 中定义。 |
A Kerberos service ticket was denied because the user, device, or both does not meet the access control restrictions.%n%nAccount Information:%n%tAccount Name:%t%t%1%n%tAccount Domain:%t%t%2%n%tLogon GUID:%t%t%11%n%nAuthentication Policy Information:%n%tSilo Name:%t%t%13%n%tPolicy Name:%t%t%14%n%nDevice Information:%n%tDevice Name:%t%t%3%n%nService Information:%n%tService Name:%t%t%4%n%tService ID:%t%t%5%n%nNetwork Information:%n%tClient Address:%t%t%8%n%tClient Port:%t%t%9%n%nAdditional Information:%n%tTicket Options:%t%t%6%n%tTicket Encryption Type:%t%7%n%tFailure Code:%t%t%10%n%tTransited Services:%t%12%n%nThis event is generated every time access is requested to a resource such as a computer or a Windows service. The service name indicates the resource to which access was requested.%n%nThis event can be correlated with Windows logon events by comparing the Logon GUID fields in each event. The logon event occurs on the machine that was accessed, which is often a different machine than the domain controller which issued the service ticket.%n%nTicket options, encryption types, and failure codes are defined in RFC 4120. |
| 0x12D6 | NTLM 身份验证失败,因为该帐户是“受保护用户”组的成员。%n%n帐户名称:%t%1%n设备名称:%t%2%n错误代码:%t%3 |
NTLM authentication failed because the account was a member of the Protected User group.%n%nAccount Name:%t%1%nDevice Name:%t%2%nError Code:%t%3 |
| 0x12D7 | NTLM 身份验证失败,因为需要访问控制限制。%n%n帐户名称:%t%1%n设备名称:%t%2%n错误代码:%t%3%n%n身份验证策略信息:%n%t接收器名称:%t%4%n%tPolicyName:%t%5 |
NTLM authentication failed because access control restrictions are required.%n%nAccount Name:%t%1%nDevice Name:%t%2%nError Code:%t%3%n%nAuthentication Policy Information:%n%tSilo Name:%t%4%n%tPolicyName:%t%5 |
| 0x12D8 | 通过使用 DES 或 RC4 执行的 Kerberos 预身份验证失败,因为该帐户是“受保护用户”组的成员。%n%n帐户信息:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n服务信息:%n%t服务名称:%t%t%3%n%n网络信息:%n%t客户端地址:%t%t%7%n%t客户端端口:%t%t%8%n%n其他信息:%n%t票证选项:%t%t%4%n%t失败代码:%t%t%5%n%t预身份验证类型:%t%6%n%n证书信息:%n%t证书颁发者名称:%t%t%9%n%t证书序列号: %t%10%n%t证书指纹:%t%t%11%n%n仅当证书已用于预身份验证时,才提供证书信息。%n%n预身份验证类型、票证选项和失败代码已在 RFC 4120 中定义。%n%n如果票证格式不正确或票证在传输期间损坏并且无法解密,则此事件中的许多字段可能不存在。 |
Kerberos preauthentication by using DES or RC4 failed because the account was a member of the Protected User group.%n%nAccount Information:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nService Information:%n%tService Name:%t%t%3%n%nNetwork Information:%n%tClient Address:%t%t%7%n%tClient Port:%t%t%8%n%nAdditional Information:%n%tTicket Options:%t%t%4%n%tFailure Code:%t%t%5%n%tPre-Authentication Type:%t%6%n%nCertificate Information:%n%tCertificate Issuer Name:%t%t%9%n%tCertificate Serial Number: %t%10%n%tCertificate Thumbprint:%t%t%11%n%nCertificate information is only provided if a certificate was used for pre-authentication.%n%nPre-authentication types, ticket options and failure codes are defined in RFC 4120.%n%nIf the ticket was malformed or damaged during transit and could not be decrypted, then many fields in this event might not be present. |
| 0x12D9 | 用户访问远程桌面时被拒绝。默认情况下,用户只有在属于远程桌面用户组或管理员组的情况下才能连接。%n%n使用者:%n%t用户名:%t%1%n%t域:%t%t%2%n%t登录 ID:%t%3%n%n其他信息:%n%t客户端地址:%t%4%n%n%n不允许远程登录的经过身份验证的用户尝试通过远程桌面连接到此计算机时生成此事件。 |
A user was denied the access to Remote Desktop. By default, users are allowed to connect only if they are members of the Remote Desktop Users group or Administrators group.%n%nSubject:%n%tUser Name:%t%1%n%tDomain:%t%t%2%n%tLogon ID:%t%3%n%nAdditional Information:%n%tClient Address:%t%4%n%n%nThis event is generated when an authenticated user who is not allowed to log on remotely attempts to connect to this computer through Remote Desktop. |
| 0x12DA | 已加载引导配置数据。%n%n使用者:%n%t安全性 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n常规设置:%n%t加载选项:%t%t%5%n%t高级选项:%t%t%6%n%t配置访问策略:%t%7%n%t系统事件日志记录:%t%8%n%t内核调试:%t%9%n%tVSM 启动类型:%t%10%n%n签名设置:%n%t测试签名:%t%t%11%n%t检测签名:%t%t%12%n%t禁用完整性检查:%t%13%n%n虚拟机监控程序设置:%n%t虚拟机监控程序加载选项:%t%14%n%t虚拟机监控程序启动类型:%t%15%n%t虚拟机监控程序调试:%t%16 |
Boot Configuration Data loaded.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nGeneral Settings:%n%tLoad Options:%t%t%5%n%tAdvanced Options:%t%t%6%n%tConfiguration Access Policy:%t%7%n%tSystem Event Logging:%t%8%n%tKernel Debugging:%t%9%n%tVSM Launch Type:%t%10%n%nSignature Settings:%n%tTest Signing:%t%t%11%n%tFlight Signing:%t%t%12%n%tDisable Integrity Checks:%t%13%n%nHyperVisor Settings:%n%tHyperVisor Load Options:%t%14%n%tHyperVisor Launch Type:%t%15%n%tHyperVisor Debugging:%t%16 |
| 0x12DE | SID 历史记录已从帐户中删除。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n目标帐户:%n%t安全 ID:%t%t%5%n%t帐户名称:%t%t%3%n%t帐户域:%t%t%4%n%n其他信息:%n%t特权:%t%t%10%n%tSID 列表:%t%t%t%11 |
SID History was removed from an account.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nTarget Account:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%3%n%tAccount Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10%n%tSID List:%t%t%t%11 |
| 0x1300 | 已检测到命名空间冲突。%n%n目标类型:%t%1%n目标名:%t%2%n目录林根:%t%3%n顶层名:%t%4%nDNS 名称:%t%5%nNetBIOS 名称:%t%6%n安全 ID:%t%t%7%n新标志:%t%8 |
A namespace collision was detected.%n%nTarget Type:%t%1%nTarget Name:%t%2%nForest Root:%t%3%nTop Level Name:%t%4%nDNS Name:%t%5%nNetBIOS Name:%t%6%nSecurity ID:%t%t%7%nNew Flags:%t%8 |
| 0x1301 | 已添加受信任的目录林信息项。%n%n使用者:%n%t安全 ID:%t%t%10%n%t帐户名:%t%t%11%n%t帐户域:%t%t%12%n%t登录 ID:%t%t%13%n%n信任信息:%n%t目录林根:%t%1%n%t目录林根 SID:%t%2%n%t操作 ID:%t%3%n%t项类型:%t%4%n%t标志:%t%5%n%t顶层名:%t%6%n%tDNS 名称:%t%7%n%tNetBIOS 名称:%t%8%n%t域 SID:%t%9 |
A trusted forest information entry was added.%n%nSubject:%n%tSecurity ID:%t%t%10%n%tAccount Name:%t%t%11%n%tAccount Domain:%t%t%12%n%tLogon ID:%t%t%13%n%nTrust Information:%n%tForest Root:%t%1%n%tForest Root SID:%t%2%n%tOperation ID:%t%3%n%tEntry Type:%t%4%n%tFlags:%t%5%n%tTop Level Name:%t%6%n%tDNS Name:%t%7%n%tNetBIOS Name:%t%8%n%tDomain SID:%t%9 |
| 0x1302 | 已删除了受信任的目录林信息项。%n%n使用者:%n%t安全 ID:%t%t%10%n%t帐户名:%t%t%11%n%t帐户域:%t%t%12%n%t登录 ID:%t%t%13%n%n信任信息:%n%t目录林根:%t%1%n%t目录林根 SID:%t%2%n%t操作 ID:%t%3%n%t项类型:%t%4%n%t标志:%t%5%n%t顶层名:%t%6%n%tDNS 名称:%t%7%n%tNetBIOS 名称:%t%8%n%t域 SID:%t%9 |
A trusted forest information entry was removed.%n%nSubject:%n%tSecurity ID:%t%t%10%n%tAccount Name:%t%t%11%n%tAccount Domain:%t%t%12%n%tLogon ID:%t%t%13%n%nTrust Information:%n%tForest Root:%t%1%n%tForest Root SID:%t%2%n%tOperation ID:%t%3%n%tEntry Type:%t%4%n%tFlags:%t%5%n%tTop Level Name:%t%6%n%tDNS Name:%t%7%n%tNetBIOS Name:%t%8%n%tDomain SID:%t%9 |
| 0x1303 | 已修改受信任的目录林信息项。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n信任信息:%n%t目录林根:%t%5%n%t目录林根 SID:%t%6%n%t操作 ID:%t%7%n%t项类型:%t%8%n%t标志:%t%9%n%t顶层名:%t%10%n%tDNS 名称:%t%11%n%tNetBIOS 名称:%t%12%n%t域 SID:%t%13 |
A trusted forest information entry was modified.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nTrust Information:%n%tForest Root:%t%5%n%tForest Root SID:%t%6%n%tOperation ID:%t%7%n%tEntry Type:%t%8%n%tFlags:%t%9%n%tTop Level Name:%t%10%n%tDNS Name:%t%11%n%tNetBIOS Name:%t%12%n%tDomain SID:%t%13 |
| 0x1304 | 证书管理器拒绝了一个挂起的证书请求。%n%t%n请求 ID:%t%1 |
The certificate manager denied a pending certificate request.%n%t%nRequest ID:%t%1 |
| 0x1305 | 证书服务收到一个重新提交的证书请求。%n%t%n请求 ID:%t%1 |
Certificate Services received a resubmitted certificate request.%n%t%nRequest ID:%t%1 |
| 0x1306 | 证书服务吊销了证书。%n%t%n序列号:%t%1%n原因:%t%2 |
Certificate Services revoked a certificate.%n%t%nSerial Number:%t%1%nReason:%t%2 |
| 0x1307 | 证书服务收到发布证书吊销列表(CRL)的请求。%n%t%n下一次更新:%t%1%n发布基:%t%2%n发布增量:%t%3 |
Certificate Services received a request to publish the certificate revocation list (CRL).%n%t%nNext Update:%t%1%nPublish Base:%t%2%nPublish Delta:%t%3 |
| 0x1308 | 证书服务发布了证书吊销列表(CRL)。%n%t%n基 CRL:%t%1%nCRL 号:%t%2%n密钥容器:%t%3%n下次发布:%t%4%n发布 URL:%t%5 |
Certificate Services published the certificate revocation list (CRL).%n%t%nBase CRL:%t%1%nCRL Number:%t%2%nKey Container:%t%3%nNext Publish:%t%4%nPublish URLs:%t%5 |
| 0x1309 | 证书请求扩展已更改。%n%t%n请求 ID:%t%1%n名称:%t%2%n类型:%t%3%n目标:%t%4%n数据:%t%5 |
A certificate request extension changed.%n%t%nRequest ID:%t%1%nName:%t%2%nType:%t%3%nFlags:%t%4%nData:%t%5 |
| 0x130A | 一个或多个证书请求属性已更改。%n%t%n请求 ID:%t%1%n属性:%t%2 |
One or more certificate request attributes changed.%n%t%nRequest ID:%t%1%nAttributes:%t%2 |
| 0x130B | 证书服务收到关机请求。 |
Certificate Services received a request to shut down. |
| 0x130C | 证书服务备份已开始。%n%n备份类型:%t%1 |
Certificate Services backup started.%n%nBackup Type:%t%1 |
| 0x130D | 已完成证书服务备份。 |
Certificate Services backup completed. |
| 0x130E | 已开始证书服务还原。 |
Certificate Services restore started. |
| 0x130F | 已完成证书服务还原。 |
Certificate Services restore completed. |
| 0x1310 | 证书服务已启动。%n%t%n证书数据库哈希:%t%1%n私钥使用计数:%t%2%nCA 证书哈希:%t%3%nCA 公钥哈希:%t%4 |
Certificate Services started.%n%t%nCertificate Database Hash:%t%1%nPrivate Key Usage Count:%t%2%nCA Certificate Hash:%t%3%nCA Public Key Hash:%t%4 |
| 0x1311 | 证书服务已停止。%n%t%n证书数据库哈希:%t%1%n私钥使用计数:%t%2%nCA 证书哈希:%t%3%nCA 公钥哈希:%t%4 |
Certificate Services stopped.%n%t%nCertificate Database Hash:%t%1%nPrivate Key Usage Count:%t%2%nCA Certificate Hash:%t%3%nCA Public Key Hash:%t%4 |
| 0x1312 | 证书服务的安全权限已更改。%n%t%n%1 |
The security permissions for Certificate Services changed.%n%t%n%1 |
| 0x1313 | 证书服务检索到已存档的密钥。%n%t%n请求 ID:%t%1 |
Certificate Services retrieved an archived key.%n%t%nRequest ID:%t%1 |
| 0x1314 | 证书服务向此数据库中导入了证书。%n%t%n证书:%t%1%n请求 ID:%t%2 |
Certificate Services imported a certificate into its database.%n%t%nCertificate:%t%1%nRequest ID:%t%2 |
| 0x1315 | 证书服务的审核筛选器已更改。%n%t%n筛选器:%t%1 |
The audit filter for Certificate Services changed.%n%t%nFilter:%t%1 |
| 0x1316 | 证书服务收到证书请求。%n%t%n请求 ID:%t%1%n请求者:%t%2%n属性:%t%3 |
Certificate Services received a certificate request.%n%t%nRequest ID:%t%1%nRequester:%t%2%nAttributes:%t%3 |
| 0x1317 | 证书服务批准了证书请求并颁发了证书。%n%t%n请求 ID:%t%1%n请求者:%t%2%n属性:%t%3%n部署:%t%4%nSKI:%t%t%5%n使用者:%t%6 |
Certificate Services approved a certificate request and issued a certificate.%n%t%nRequest ID:%t%1%nRequester:%t%2%nAttributes:%t%3%nDisposition:%t%4%nSKI:%t%t%5%nSubject:%t%6 |
| 0x1318 | 证书服务拒绝了证书请求。%n%t%n请求 ID:%t%1%n请求者:%t%2%n属性:%t%3%n部署:%t%4%nSKI:%t%t%5%n使用者:%t%6 |
Certificate Services denied a certificate request.%n%t%nRequest ID:%t%1%nRequester:%t%2%nAttributes:%t%3%nDisposition:%t%4%nSKI:%t%t%5%nSubject:%t%6 |
| 0x1319 | 证书服务将证书请求的状态设置为挂起。%n%t%n请求 ID:%t%1%n请求者:%t%2%n属性:%t%3%n部署:%t%4%nSKI:%t%t%5%n使用者:%t%6 |
Certificate Services set the status of a certificate request to pending.%n%t%nRequest ID:%t%1%nRequester:%t%2%nAttributes:%t%3%nDisposition:%t%4%nSKI:%t%t%5%nSubject:%t%6 |
| 0x131A | 证书服务的证书管理器设置已更改。%n%t%n启用:%t%1%n%n%2 |
The certificate manager settings for Certificate Services changed.%n%t%nEnable:%t%1%n%n%2 |
| 0x131B | 证书服务中的配置项已更改。%n%t%n节点:%t%1%n项目:%t%2%n值:%t%3 |
A configuration entry changed in Certificate Services.%n%t%nNode:%t%1%nEntry:%t%2%nValue:%t%3 |
| 0x131C | 证书服务的属性已更改。%n%t%n属性:%t%1%n索引:%t%2%n类型:%t%3%n值:%t%4 |
A property of Certificate Services changed.%n%t%nProperty:%t%1%nIndex:%t%2%nType:%t%3%nValue:%t%4 |
| 0x131D | 证书服务对密钥进行了存档了。%n%t%n请求 ID:%t%1%n请求者:%t%2%nKRA 哈希:%t%3 |
Certificate Services archived a key.%n%t%nRequest ID:%t%1%nRequester:%t%2%nKRA Hashes:%t%3 |
| 0x131E | 证书服务已导入并已存档密钥。%n%t%n请求 ID:%t%1 |
Certificate Services imported and archived a key.%n%t%nRequest ID:%t%1 |
| 0x131F | 证书服务已将 CA 证书发布到 Active Directory 域服务。%n%t%n证书哈希:%t%1%n有效期始于:%t%2%n有效期至:%t%t%3 |
Certificate Services published the CA certificate to Active Directory Domain Services.%n%t%nCertificate Hash:%t%1%nValid From:%t%2%nValid To:%t%t%3 |
| 0x1320 | 已从证书数据库删除一行或多行。%n%t%n表格 ID:%t%1%n筛选器:%t%2%n已删除的行:%t%3 |
One or more rows have been deleted from the certificate database.%n%t%nTable ID:%t%1%nFilter:%t%2%nRows Deleted:%t%3 |
| 0x1321 | 角色分隔被启用:%t%1 |
Role separation enabled:%t%1 |
| 0x1322 | 证书服务已加载模板。%n%n%1 v%2 (架构 V%3)%n%4%n%5%n%n模板信息:%n%t模板内容:%t%t%7%n%t安全描述符:%t%t%8%n%n其他信息:%n%t域控制器:%t%6 |
Certificate Services loaded a template.%n%n%1 v%2 (Schema V%3)%n%4%n%5%n%nTemplate Information:%n%tTemplate Content:%t%t%7%n%tSecurity Descriptor:%t%t%8%n%nAdditional Information:%n%tDomain Controller:%t%6 |
| 0x1323 | 已更新证书服务模板。%n%n%1 v%2 (架构 V%3)%n%4%n%5%n%n模板更改信息:%n%t旧模板内容:%t%8%n%t新模板内容:%t%t%7%n%n其他信息:%n%t域控制器:%t%6 |
A Certificate Services template was updated.%n%n%1 v%2 (Schema V%3)%n%4%n%5%n%nTemplate Change Information:%n%tOld Template Content:%t%8%n%tNew Template Content:%t%t%7%n%nAdditional Information:%n%tDomain Controller:%t%6 |
| 0x1324 | 已更新证书服务模板安全性。%n%n%1 v%2 (架构 V%3)%n%4%n%5%n%n模板更改信息:%n%t旧模板内容:%t%t%9%n%t新模板内容:%t%7%n%t旧安全描述符:%t%t%10%n%t新安全描述符:%t%t%8%n%n其他信息:%n%t域控制器:%t%6 |
Certificate Services template security was updated.%n%n%1 v%2 (Schema V%3)%n%4%n%5%n%nTemplate Change Information:%n%tOld Template Content:%t%t%9%n%tNew Template Content:%t%7%n%tOld Security Descriptor:%t%t%10%n%tNew Security Descriptor:%t%t%8%n%nAdditional Information:%n%tDomain Controller:%t%6 |
| 0x1326 | 已创建每用户审核策略表。%n%n元素的数量:%t%1%n策略 ID:%t%2 |
The Per-user audit policy table was created.%n%nNumber of Elements:%t%1%nPolicy ID:%t%2 |
| 0x1328 | 已试图注册安全事件源。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n进程:%n%t进程 ID:%t%7%n%t进程名称:%t%8%n%n事件源:%n%t源名称:%t%5%n%t事件源 ID:%t%6 |
An attempt was made to register a security event source.%n%nSubject :%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nProcess:%n%tProcess ID:%t%7%n%tProcess Name:%t%8%n%nEvent Source:%n%tSource Name:%t%5%n%tEvent Source ID:%t%6 |
| 0x1329 | 已试图取消注册安全事件源。%n%n使用者%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n进程:%n%t进程 ID:%t%7%n%t进程名称:%t%8%n%n事件源:%n%t源名称:%t%5%n%t事件源 ID:%t%6 |
An attempt was made to unregister a security event source.%n%nSubject%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nProcess:%n%tProcess ID:%t%7%n%tProcess Name:%t%8%n%nEvent Source:%n%tSource Name:%t%5%n%tEvent Source ID:%t%6 |
| 0x132A | CrashOnAuditFail 值已更改。%n%nCrashOnAuditFail 的新值:%t%1 |
The CrashOnAuditFail value has changed.%n%nNew Value of CrashOnAuditFail:%t%1 |
| 0x132B | 对象的审核设置已更改。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%5%n%t对象类型:%t%6%n%t对象名称:%t%7%n%t句柄 ID:%t%8%n%n进程信息:%n%t进程 ID:%t%11%n%t进程名称:%t%12%n%n审核设置:%n%t原始安全描述符:%t%9%n%t新安全描述符:%t%t%10 |
Auditing settings on object were changed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%5%n%tObject Type:%t%6%n%tObject Name:%t%7%n%tHandle ID:%t%8%n%nProcess Information:%n%tProcess ID:%t%11%n%tProcess Name:%t%12%n%nAuditing Settings:%n%tOriginal Security Descriptor:%t%9%n%tNew Security Descriptor:%t%t%10 |
| 0x132C | 特殊组登录表已修改。%n%n特殊组:%t%1%n%n在注册表中或通过安全策略更新特殊组列表时,会生成此事件。在事件中会指明更新的特殊组列表。 |
Special Groups Logon table modified.%n%nSpecial Groups:%t%1%n%nThis event is generated when the list of special groups is updated in the registry or through security policy. The updated list of special groups is indicated in the event. |
| 0x132D | TBS 的本地策略设置已更改。%n%n旧的阻止顺序:%t%1%n新的阻止顺序:%t%2 |
The local policy settings for the TBS were changed.%n%nOld Blocked Ordinals:%t%1%nNew Blocked Ordinals:%t%2 |
| 0x132E | TBS 的组策略设置已更改。%n%n组策略设置:%t%t忽略默认设置%n%t旧值:%t%t%1%n%t新值:%t%t%2%n%n组策略设置:%t%t忽略本地设置%n%t旧值:%t%t%3%n%t新值:%t%t%4%n%n旧的阻止顺序:%t%5%n新的阻止顺序:%t%6 |
The group policy settings for the TBS were changed.%n%nGroup Policy Setting:%t%tIgnore Default Settings%n%tOld Value:%t%t%1%n%tNew Value:%t%t%2%n%nGroup Policy Setting:%t%tIgnore Local Settings%n%tOld Value:%t%t%3%n%tNew Value:%t%t%4%n%nOld Blocked Ordinals:%t%5%nNew Blocked Ordinals:%t%6 |
| 0x132F | 对象的资源属性已更改。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%5%n%t对象类型:%t%6%n%t对象名:%t%7%n%t句柄 ID:%t%8%n%n进程信息:%n%t进程 ID:%t%11%n%t进程名:%t%12%n%n资源属性:%n%t原始安全描述符:%t%9%n%t新安全描述符:%t%t%10 |
Resource attributes of the object were changed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%5%n%tObject Type:%t%6%n%tObject Name:%t%7%n%tHandle ID:%t%8%n%nProcess Information:%n%tProcess ID:%t%11%n%tProcess Name:%t%12%n%nResource Attributes:%n%tOriginal Security Descriptor:%t%9%n%tNew Security Descriptor:%t%t%10 |
| 0x1330 | 每用户审核策略已更改。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n帐户策略:%n%t安全 ID:%t%t%5%n%n策略更改详细信息:%n%t类别:%t%6%n%t子类别:%t%7%n%t子类别 GUID:%t%8%n%t更改:%t%9 |
Per User Audit Policy was changed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nPolicy For Account:%n%tSecurity ID:%t%t%5%n%nPolicy Change Details:%n%tCategory:%t%6%n%tSubcategory:%t%7%n%tSubcategory GUID:%t%8%n%tChanges:%t%9 |
| 0x1331 | 对象上的中心访问策略已更改。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%5%n%t对象类型:%t%6%n%t对象名:%t%7%n%t句柄 ID:%t%8%n%n进程信息:%n%t进程 ID:%t%11%n%t进程名:%t%12%n%n中心策略 ID:%n%t原始安全描述符:%t%9%n%t新安全描述符:%t%t%10 |
Central Access Policy on the object was changed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%5%n%tObject Type:%t%6%n%tObject Name:%t%7%n%tHandle ID:%t%8%n%nProcess Information:%n%tProcess ID:%t%11%n%tProcess Name:%t%12%n%nCentral Policy ID:%n%tOriginal Security Descriptor:%t%9%n%tNew Security Descriptor:%t%t%10 |
| 0x1340 | Active Directory 副本源命名上下文已建立。%n%n目标 DRA:%t%1%n源 DRA:%t%2%n源地址:%t%3%n命名上下文:%t%4%n选项:%t%t%5%n状态代码:%t%6 |
An Active Directory replica source naming context was established.%n%nDestination DRA:%t%1%nSource DRA:%t%2%nSource Address:%t%3%nNaming Context:%t%4%nOptions:%t%t%5%nStatus Code:%t%6 |
| 0x1341 | Active Directory 副本源命名上下文已删除。%n%n目标 DRA:%t%1%n源 DRA:%t%2%n源地址:%t%3%n命名上下文:%t%4%n选项:%t%t%5%n状态代码:%t%6 |
An Active Directory replica source naming context was removed.%n%nDestination DRA:%t%1%nSource DRA:%t%2%nSource Address:%t%3%nNaming Context:%t%4%nOptions:%t%t%5%nStatus Code:%t%6 |
| 0x1342 | Active Directory 副本源命名上下文已修改。%n%n目标 DRA:%t%1%n源 DRA:%t%2%n源地址:%t%3%n命名上下文:%t%4%n选项:%t%t%5%n状态代码:%t%6 |
An Active Directory replica source naming context was modified.%n%nDestination DRA:%t%1%nSource DRA:%t%2%nSource Address:%t%3%nNaming Context:%t%4%nOptions:%t%t%5%nStatus Code:%t%6 |
| 0x1343 | Active Directory 副本目标命名上下文已修改。%n%n目标 DRA:%t%1%n源 DRA:%t%2%n目标地址:%t%3%n命名上下文:%t%4%n选项:%t%t%5%n状态代码:%t%6 |
An Active Directory replica destination naming context was modified.%n%nDestination DRA:%t%1%nSource DRA:%t%2%nDestination Address:%t%3%nNaming Context:%t%4%nOptions:%t%t%5%nStatus Code:%t%6 |
| 0x1344 | Active Directory 命名上下文副本的同步已开始。%n%n目标 DRA:%t%1%n源 DRA:%t%2%n命名上下文:%t%3%n选项:%t%t%4%n会话 ID:%t%5%n开始 USN:%t%6 |
Synchronization of a replica of an Active Directory naming context has begun.%n%nDestination DRA:%t%1%nSource DRA:%t%2%nNaming Context:%t%3%nOptions:%t%t%4%nSession ID:%t%5%nStart USN:%t%6 |
| 0x1345 | Active Directory 命名上下文副本的同步已结束。%n%n目标 DRA:%t%1%n源 DRA:%t%2%n命名上下文:%t%3%n选项:%t%t%4%n会话 ID:%t%5%n结束 USN:%t%6%n状态代码:%t%7 |
Synchronization of a replica of an Active Directory naming context has ended.%n%nDestination DRA:%t%1%nSource DRA:%t%2%nNaming Context:%t%3%nOptions:%t%t%4%nSession ID:%t%5%nEnd USN:%t%6%nStatus Code:%t%7 |
| 0x1346 | Active Directory 对象的属性已复制。%n%n会话 ID:%t%1%n对象:%t%t%2%n属性:%t%3%n更改的类型:%t%4%n新值:%t%5%nUSN:%t%t%6%n状态代码:%t%7 |
Attributes of an Active Directory object were replicated.%n%nSession ID:%t%1%nObject:%t%t%2%nAttribute:%t%3%nType of change:%t%4%nNew Value:%t%5%nUSN:%t%t%6%nStatus Code:%t%7 |
| 0x1347 | 复制故障开始。%n%n复制事件:%t%1%n审核状态代码:%t%2 |
Replication failure begins.%n%nReplication Event:%t%1%nAudit Status Code:%t%2 |
| 0x1348 | 复制故障结束。%n%n复制事件:%t%1%n审核状态代码:%t%2复制状态代码:%t%3 |
Replication failure ends.%n%nReplication Event:%t%1%nAudit Status Code:%t%2%nReplication Status Code:%t%3 |
| 0x1349 | 已将延迟对象从副本中删除。%n%n目标 DRA:%t%1%n源 DRA:%t%2%n对象:%t%3%n选项:%t%4%n状态代码:%t%5 |
A lingering object was removed from a replica.%n%nDestination DRA:%t%1%nSource DRA:%t%2%nObject:%t%3%nOptions:%t%4%nStatus Code:%t%5 |
| 0x1350 | Windows 防火墙启动时下列策略处于活动状态。%n%n应用的组策略:%t%1%n使用的配置文件:%t%2%n操作模式:%t%3%n允许远程管理:%t%4%n允许单播响应多波/广播流量:%t%5%n安全日志记录:%n%t日志丢弃的数据包:%t%6%n%t日志连接成功的次数:%t%7 |
The following policy was active when the Windows Firewall started.%n%nGroup Policy Applied:%t%1%nProfile Used:%t%2%nOperational mode:%t%3%nAllow Remote Administration:%t%4%nAllow Unicast Responses to Multicast/Broadcast Traffic:%t%5%nSecurity Logging:%n%tLog Dropped Packets:%t%6%n%tLog Successful Connections:%t%7 |
| 0x1351 | Windows 防火墙启动时列出规则。%n%t%n使用的配置文件:%t%1%n%n规则:%n%t规则 ID:%t%2%n%t规则名称:%t%3 |
A rule was listed when the Windows Firewall started.%n%t%nProfile used:%t%1%n%nRule:%n%tRule ID:%t%2%n%tRule Name:%t%3 |
| 0x1352 | 已更改 Windows 防火墙例外列表。已添加规则。%n%t%n更改的配置文件:%t%1%n%n添加的规则:%n%t规则 ID:%t%2%n%t规则名称:%t%3 |
A change was made to the Windows Firewall exception list. A rule was added.%n%t%nProfile Changed:%t%1%n%nAdded Rule:%n%tRule ID:%t%2%n%tRule Name:%t%3 |
| 0x1353 | 已更改 Windows 防火墙例外列表。已修改规则。%n%t%n更改的配置文件:%t%1%n%n修改的规则:%n%t规则 ID:%t%2%n%t规则名称:%t%3 |
A change was made to the Windows Firewall exception list. A rule was modified.%n%t%nProfile Changed:%t%1%n%nModified Rule:%n%tRule ID:%t%2%n%tRule Name:%t%3 |
| 0x1354 | 已更改 Windows 防火墙例外列表。已删除规则。%n%t%n更改的配置文件:%t%1%n%n删除的规则:%n%t规则 ID:%t%2%n%t规则名称:%t%3 |
A change was made to the Windows Firewall exception list. A rule was deleted.%n%t%nProfile Changed:%t%1%n%nDeleted Rule:%n%tRule ID:%t%2%n%tRule Name:%t%3 |
| 0x1355 | 已将 Windows 防火墙设置还原为默认值。 |
Windows Firewall settings were restored to the default values. |
| 0x1356 | 已更改 Windows 防火墙设置。%n%t%n已更改的配置文件:%t%1%n%n新设置:%n%t类型:%t%2%n%t值:%t%3 |
A Windows Firewall setting was changed.%n%t%nChanged Profile:%t%1%n%nNew Setting:%n%tType:%t%2%n%tValue:%t%3 |
| 0x1357 | Windows 防火墙忽略了某个规则,因为无法识别该规则的主要版本号。%n%t%n配置文件:%t%1%n%n忽略的规则:%n%tID:%t%2%n%t名称:%t%3 |
Windows Firewall ignored a rule because its major version number is not recognized.%n%t%nProfile:%t%1%n%nIgnored Rule:%n%tID:%t%2%n%tName:%t%3 |
| 0x1358 | Windows 防火墙忽略了规则的某些部分,因为无法识别该规则的次要版本号。该规则的其他部分将被强行实施。%n%t%n配置文件:%t%1%n%n部分忽略的规则:%n%tID:%t%2%n%t名称:%t%3 |
Windows Firewall ignored parts of a rule because its minor version number is not recognized. Other parts of the rule will be enforced.%n%t%nProfile:%t%1%n%nPartially Ignored Rule:%n%tID:%t%2%n%tName:%t%3 |
| 0x1359 | Windows 防火墙忽略了某个规则,因为无法分析该规则。%n%t%n配置文件:%t%1%n%n拒绝的原因:%t%2%n%n规则:%n%tID:%t%3%n%t名称:%t%4 |
Windows Firewall ignored a rule because it could not be parsed.%n%t%nProfile:%t%1%n%nReason for Rejection:%t%2%n%nRule:%n%tID:%t%3%n%tName:%t%4 |
| 0x135A | Windows 防火墙的组策略设置已发生更改,并应用了新设置。 |
Group Policy settings for Windows Firewall were changed, and the new settings were applied. |
| 0x135C | Windows 防火墙已更改活动配置文件。%n%n新的活动配置文件:%t%1 |
Windows Firewall changed the active profile.%n%nNew Active Profile:%t%1 |
| 0x135D | Windows 防火墙未应用下列规则:%n%n规则信息:%n%tID:%t%1%n%t名称:%t%2%n%n错误信息:%n%t原因:%t%3 解析为空集。 |
Windows Firewall did not apply the following rule:%n%nRule Information:%n%tID:%t%1%n%tName:%t%2%n%nError Information:%n%tReason:%t%3 resolved to an empty set. |
| 0x135E | Windows 防火墙未应用下列规则,因为该规则已引用未在此计算机上配置的项:%n%n规则信息:%n%tID:%t%1%n%t名称:%t%2%n%n错误信息:%n%t错误:%t%3%n%t原因:%t%4 |
Windows Firewall did not apply the following rule because the rule referred to items not configured on this computer:%n%nRule Information:%n%tID:%t%1%n%tName:%t%2%n%nError Information:%n%tError:%t%3%n%tReason:%t%4 |
| 0x1360 | IPSec 已丢弃未通过完整性检查的入站数据包。如果此问题仍存在,则可能指示网络存在问题,或者指示数据包在传输到此计算机的过程中被修改。请确认从远程计算机发送的数据包与此计算机所接收的数据包是否相同。此错误可能还指示与其他 IPSec 实现之间存在互操作性问题。%n%n远程网络地址:%t%1%n入站 SA SPI:%t%t%2 |
IPsec dropped an inbound packet that failed an integrity check. If this problem persists, it could indicate a network issue or that packets are being modified in transit to this computer. Verify that the packets sent from the remote computer are the same as those received by this computer. This error might also indicate interoperability problems with other IPsec implementations.%n%nRemote Network Address:%t%1%nInbound SA SPI:%t%t%2 |
| 0x1361 | IPSec 已丢弃未通过重播检查的入站数据包。如果此问题仍存在,则可能指示存在对此计算机的重播攻击。%n%n远程网络地址:%t%1%n入站 SA SPI:%t%t%2 |
IPsec dropped an inbound packet that failed a replay check. If this problem persists, it could indicate a replay attack against this computer.%n%nRemote Network Address:%t%1%nInbound SA SPI:%t%t%2 |
| 0x1362 | IPSec 已丢弃未通过重播检查的入站数据包。入站数据包的序列号太低,无法确保它不是重播。%n%n远程网络地址:%t%1%n入站 SA SPI:%t%t%2 |
IPsec dropped an inbound packet that failed a replay check. The inbound packet had too low a sequence number to ensure it was not a replay.%n%nRemote Network Address:%t%1%nInbound SA SPI:%t%t%2 |
| 0x1363 | IPSec 已丢弃应加密的入站明文数据包。如果远程计算机配置了请求出站 IPSec 策略,这可能是良性的并且能够预期。这还可能是由于远程计算机更改其 IPSec 策略时未通知此计算机所导致。这也可能是一次欺骗攻击尝试。%n%n远程网络地址:%t%1%n入站 SA SPI:%t%t%2 |
IPsec dropped an inbound clear text packet that should have been secured. If the remote computer is configured with a Request Outbound IPsec policy, this might be benign and expected. This can also be caused by the remote computer changing its IPsec policy without informing this computer. This could also be a spoofing attack attempt.%n%nRemote Network Address:%t%1%nInbound SA SPI:%t%t%2 |
| 0x1364 | 已将特殊组分配给新登录。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%t登录 GUID:%t%5%n%n新登录:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%t登录 GUID:%t%10%n%t已分配的特殊组:%t%11 |
Special groups have been assigned to a new logon.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%tLogon GUID:%t%5%n%nNew Logon:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%tLogon GUID:%t%10%n%tSpecial Groups Assigned:%t%11 |
| 0x1365 | IPSec 从远程计算机接收到安全参数索引(SPI)不正确的数据包。这通常是由损坏数据包的故障硬件引起的。如果这些错误仍存在,请验证从远程计算机发送出去的数据包与此计算机所接收到的数据包是否相同。此错误可能还指示与其他 IPSec 实施之间存在互操作性问题。在这种情况下,如果连接未受到阻碍,则可以忽略这些事件。%n%n远程网络地址:%t%1%n入站 SA SPI:%t%t%2 |
IPsec received a packet from a remote computer with an incorrect Security Parameter Index (SPI). This is usually caused by malfunctioning hardware that is corrupting packets. If these errors persist, verify that the packets sent from the remote computer are the same as those received by this computer. This error might also indicate interoperability problems with other IPsec implementations. In that case, if connectivity is not impeded, then these events can be ignored.%n%nRemote Network Address:%t%1%nInbound SA SPI:%t%t%2 |
| 0x1370 | 在主模式协商过程中,IPSec 接收到无效协商数据包。如果此问题仍存在,则可能指示网络存在问题,或者指示尝试修改或重播此协商。%n%n本地网络地址:%t%1%n远程网络地址:%t%2%n键控模块名称:%t%3 |
During main mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.%n%nLocal Network Address:%t%1%nRemote Network Address:%t%2%nKeying Module Name:%t%3 |
| 0x1371 | 在快速模式协商过程中,IPSec 接收到无效协商数据包。如果此问题仍存在,则可能指示网络存在问题,或者指示尝试修改或重播此协商。%n%n本地网络地址:%t%1%n远程网络地址:%t%2%n键控模块名称:%t%3 |
During quick mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.%n%nLocal Network Address:%t%1%nRemote Network Address:%t%2%nKeying Module Name:%t%3 |
| 0x1372 | 在扩展模式协商过程中,IPSec 接收到无效协商数据包。如果此问题仍存在,则可能指示网络存在问题,或者指示尝试修改或重播此协商。%n%n本地网络地址:%t%1%n远程网络地址:%t%2%n键控模块名称:%t%3 |
During extended mode negotiation, IPsec received an invalid negotiation packet. If this problem persists, it could indicate a network issue or an attempt to modify or replay this negotiation.%n%nLocal Network Address:%t%1%nRemote Network Address:%t%2%nKeying Module Name:%t%3 |
| 0x1373 | 已建立 IPSec 主模式和扩展模式安全关联。%n%n主模式本地终结点:%n%t主要名称:%t%t%1%n%t网络地址:%t%3%n%t键控模块端口:%t%4%n%n主模式远程终结点:%n%t主要名称:%t%2%n%t网络地址:%t%5%n%t键控模块端口:%t%6%n%n主模式加密信息:%n%t密码算法:%t%8%n%t完整性算法:%t%9%n%tDiffie-Hellman 组:%t%10%n%n主模式安全关联:%n%t生存时间(分钟):%t%11%n%t快速模式限制:%t%12%n%t主模式 SA ID:%t%16%n%t%n主模式附加信息:%n%t键控模块名称:%tAuthIP%n%t身份验证方法:%t%7%n%t角色:%t%t%t%13%n%t模拟状态:%t%t%14%n%t主模式筛选器 ID:%t%t%15%n%n扩展模式信息:%n%t本地主要名称:%t%t%17%n%t远程主要名称:%t%t%18%n%t身份验证方法:%t%t%19%n%t模拟状态:%t%t%20%n%t快速模式筛选器 ID:%t%21 |
IPsec main mode and extended mode security associations were established.%n%nMain Mode Local Endpoint:%n%tPrincipal Name:%t%t%1%n%tNetwork Address:%t%3%n%tKeying Module Port:%t%4%n%nMain Mode Remote Endpoint:%n%tPrincipal Name:%t%2%n%tNetwork Address:%t%5%n%tKeying Module Port:%t%6%n%nMain Mode Cryptographic Information:%n%tCipher Algorithm:%t%8%n%tIntegrity Algorithm:%t%9%n%tDiffie-Hellman Group:%t%10%n%nMain Mode Security Association:%n%tLifetime (minutes):%t%11%n%tQuick Mode Limit:%t%12%n%tMain Mode SA ID:%t%16%n%t%nMain Mode Additional Information:%n%tKeying Module Name:%tAuthIP%n%tAuthentication Method:%t%7%n%tRole:%t%t%t%13%n%tImpersonation State:%t%14%n%tMain Mode Filter ID:%t%15%n%nExtended Mode Information:%n%tLocal Principal Name:%t%17%n%tRemote Principal Name:%t%18%n%tAuthentication Method:%t%19%n%tImpersonation State:%t%20%n%tQuick Mode Filter ID:%t%21 |
| 0x1374 | 已建立 IPSec 主模式和扩展模式安全关联。%n%n主模式本地终结点:%n%t主要名称:%t%t%1%n%t网络地址:%t%3%n%t键控模块端口:%t%4%n%n主模式远程终结点:%n%t主要名称:%t%2%n%t网络地址:%t%5%n%t键控模块端口:%t%6%n%n主模式加密信息:%n%t密码算法:%t%8%n%t完整性算法:%t%9%n%tDiffie-Hellman 组:%t%10%n%n主模式安全关联:%n%t生存时间(分钟):%t%11%n%t快速模式限制:%t%12%n%t主模式 SA ID:%t%16%n%t%n主模式附加信息:%n%t键控模块名称:%tAuthIP%n%t身份验证方法:%t%7%n%t角色:%t%t%t%13%n%t模拟状态:%t%14%n%t主模式筛选器 ID:%t%15%n%n扩展模式本地终结点:%n%t主要名称:%t%17%n%t证书 SHA 指纹:%t%18%n%t证书发证 CA:%t%19%n%t证书根 CA:%t%20%n%n扩展模式远程终结点:%n%t主要名称:%t%21%n%t证书 SHA 指纹:%t%22%n%t证书发证 CA:%t%23%n%t证书根 CA:%t%24%n%n扩展模式附加信息:%n%t身份验证方法:%tSSL%n%t模拟状态:%t%25%n%t快速模式筛选器 ID:%t%26 |
IPsec main mode and extended mode security associations were established.%n%nMain Mode Local Endpoint:%n%tPrincipal Name:%t%t%1%n%tNetwork Address:%t%3%n%tKeying Module Port:%t%4%n%nMain Mode Remote Endpoint:%n%tPrincipal Name:%t%2%n%tNetwork Address:%t%5%n%tKeying Module Port:%t%6%n%nMain Mode Cryptographic Information:%n%tCipher Algorithm:%t%8%n%tIntegrity Algorithm:%t%9%n%tDiffie-Hellman Group:%t%10%n%nMain Mode Security Association:%n%tLifetime (minutes):%t%11%n%tQuick Mode Limit:%t%12%n%tMain Mode SA ID:%t%16%n%t%nMain Mode Additional Information:%n%tKeying Module Name:%tAuthIP%n%tAuthentication Method:%t%7%n%tRole:%t%t%t%13%n%tImpersonation State:%t%14%n%tMain Mode Filter ID:%t%15%n%nExtended Mode Local Endpoint:%n%tPrincipal Name:%t%17%n%tCertificate SHA Thumbprint:%t%18%n%tCertificate Issuing CA:%t%19%n%tCertificate Root CA:%t%20%n%nExtended Mode Remote Endpoint:%n%tPrincipal Name:%t%21%n%tCertificate SHA Thumbprint:%t%22%n%tCertificate Issuing CA:%t%23%n%tCertificate Root CA:%t%24%n%nExtended Mode Additional Information:%n%tAuthentication Method:%tSSL%n%tImpersonation State:%t%25%n%tQuick Mode Filter ID:%t%26 |
| 0x1375 | 已建立 IPSec 主模式和扩展模式安全关联。%n%n本地终结点:%n%t主要名称:%t%t%1%n%t网络地址:%t%9%n%t键控模块端口:%t%10%n%n本地证书:%n%tSHA 指纹:%t%2%n%t发证 CA:%t%t%3%n%t根 CA:%t%t%4%n%n远程终结点:%n%t主要名称:%t%t%5%n%t网络地址:%t%11%n%t键控模块端口:%t%12%n%n远程证书:%n%tSHA 指纹:%t%6%n%t发证 CA:%t%t%7%n%t根 CA:%t%t%8%n%n加密信息:%n%t密码算法:%t%13%n%t完整性算法:%t%14%n%tDiffie-Hellman 组:%t%15%n%n安全关联信息:%n%t生存时间(分钟):%t%16%n%t快速模式限制:%t%17%n%t主模式 SA ID:%t%21%n%n附加信息:%n%t键控模块名称:%tAuthIP%n%t身份验证方法:%tSSL%n%t角色:%t%t%t%18%n%t模拟状态:%t%t%19%n%t主模式筛选器 ID:%t%t%20%n%t%nn扩展模式信息:%n%t本地主要名称:%t%t%22%n%t远程主要名称:%t%t%23%n%t身份验证方法:%t%t%24%n%t模拟状态:%t%t%25%n%t快速模式筛选器 ID:%t%26 |
IPsec main mode and extended mode security associations were established.%n%nLocal Endpoint:%n%tPrincipal Name:%t%t%1%n%tNetwork Address:%t%9%n%tKeying Module Port:%t%10%n%nLocal Certificate:%n%tSHA Thumbprint:%t%2%n%tIssuing CA:%t%t%3%n%tRoot CA:%t%t%4%n%nRemote Endpoint:%n%tPrincipal Name:%t%t%5%n%tNetwork Address:%t%11%n%tKeying Module Port:%t%12%n%nRemote Certificate:%n%tSHA Thumbprint:%t%6%n%tIssuing CA:%t%t%7%n%tRoot CA:%t%t%8%n%nCryptographic Information:%n%tCipher Algorithm:%t%13%n%tIntegrity Algorithm:%t%14%n%tDiffie-Hellman Group:%t%15%n%nSecurity Association Information:%n%tLifetime (minutes):%t%16%n%tQuick Mode Limit:%t%17%n%tMain Mode SA ID:%t%21%n%nAdditional Information:%n%tKeying Module Name:%tAuthIP%n%tAuthentication Method:%tSSL%n%tRole:%t%t%t%18%n%tImpersonation State:%t%19%n%tMain Mode Filter ID:%t%20%n%t%nExtended Mode Information:%n%tLocal Principal Name:%t%22%n%tRemote Principal Name:%t%23%n%tAuthentication Method:%t%24%n%tImpersonation State:%t%25%n%tQuick Mode Filter ID:%t%26 |
| 0x1376 | 已建立 IPSec 主模式和扩展模式安全关联。%n%n本地终结点:%n%t主体名称:%t%t%1%n%t网络地址:%t%n%t键控模块端口:%t%9%n%n本地证书:%n%tSHA 指纹:%t%2%n%t发证 CA:%t%t%3%n%t根 CA:%t%t%4%n%n远程终结点:%n%t主体名称:%t%t%5%n%t网络地址:%t%10%n%t键控模块端口:%t%11%n%n远程证书:%n%tSHA 指纹:%t%6%n%t发证 CA:%t%t%7%n%t根 CA:%t%t%8%n%n加密信息:%n%t密码算法:%t%12%n%t完整性算法:%t%13%n%tDiffie-Hellman 组:%t%14%n%n安全关联信息:%n%t生存时间(分钟):%t%15%n%t快速模式限制:%t%16%n%t主模式 SA ID:%t%20%n%n附加信息:%n%t键控模块名称:%tAuthIP%n%t身份验证方法:%tSSL%n%t角色:%t%t%t%17%n%t模拟状态:%t%18%n%t主模式筛选器 ID:%t%19%n%t%n扩展模式本地终结点:%n%t主体名称:%t%t%21%n%t证书 SHA 指纹:%t%22%n%t证书发证 CA:%t%23%n%t证书根 CA:%t%24%n%n扩展模式远程终结点:%n%t主体名称:%t%t%25%n%t证书 SHA 指纹:%t%26%n%t证书发证 CA:%t%27%n%t证书根 CA:%t%28%n扩展模式附加信息:%n%t身份验证方法:%tSSL%n%t模拟状态:%t%29%n%t快速模式筛选器 ID:%t%30 |
IPsec main mode and extended mode security associations were established.%n%nLocal Endpoint:%n%tPrincipal Name:%t%t%1%n%tNetwork Address:%t%n%tKeying Module Port:%t%9%n%nLocal Certificate:%n%tSHA Thumbprint:%t%2%n%tIssuing CA:%t%t%3%n%tRoot CA:%t%t%4%n%nRemote Endpoint:%n%tPrincipal Name:%t%t%5%n%tNetwork Address:%t%10%n%tKeying Module Port:%t%11%n%nRemote Certificate:%n%tSHA Thumbprint:%t%6%n%tIssuing CA:%t%t%7%n%tRoot CA:%t%t%8%n%nCryptographic Information:%n%tCipher Algorithm:%t%12%n%tIntegrity Algorithm:%t%13%n%tDiffie-Hellman Group:%t%14%n%nSecurity Association Information:%n%tLifetime (minutes):%t%15%n%tQuick Mode Limit:%t%16%n%tMain Mode SA ID:%t%20%n%nAdditional Information:%n%tKeying Module Name:%tAuthIP%n%tAuthentication Method:%tSSL%n%tRole:%t%t%t%17%n%tImpersonation State:%t%18%n%tMain Mode Filter ID:%t%19%n%t%nExtended Mode Local Endpoint:%n%tPrincipal Name:%t%t%21%n%tCertificate SHA Thumbprint:%t%22%n%tCertificate Issuing CA:%t%23%n%tCertificate Root CA:%t%24%n%nExtended Mode Remote Endpoint:%n%tPrincipal Name:%t%t%25%n%tCertificate SHA Thumbprint:%t%26%n%tCertificate Issuing CA:%t%27%n%tCertificate Root CA:%t%28%nExtended Mode Additional Information:%n%tAuthentication Method:%tSSL%n%tImpersonation State:%t%29%n%tQuick Mode Filter ID:%t%30 |
| 0x1377 | IPSec 扩展模式协商失败。已删除相应的主模式安全关联。%n%n%n本地终结点:%n%t主要名称:%t%t%1%n%t网络地址:%t%9%n%t键控模块端口:%t%10%n%n本地证书:%n%tSHA 指纹:%t%2%n%t发证 CA:%t%t%3%n%t根 CA:%t%t%4%n%n远程终结点:%n%t主要名称:%t%t%5%n%t网络地址:%t%11%n%t键控模块端口:%t%12%n%n远程证书:%n%tSHA 指纹:%t%6%n%t发证 CA:%t%t%7%n%t根 CA:%t%t%8%n%n其他信息:%n%t键控模块名称:%tAuthIP%n%t身份验证方法:%tSSL%n%t角色:%t%t%t%16%n%t模拟状态:%t%17%n%t快速模式筛选器 ID:%t%18%n%n失败信息:%n%t失败点:%t%t%13%n%t失败原因:%t%t%14%n%t状态:%t%t%t%15 |
An IPsec extended mode negotiation failed. The corresponding main mode security association has been deleted.%n%n%nLocal Endpoint:%n%tPrincipal Name:%t%t%1%n%tNetwork Address:%t%9%n%tKeying Module Port:%t%10%n%nLocal Certificate:%n%tSHA Thumbprint:%t%2%n%tIssuing CA:%t%t%3%n%tRoot CA:%t%t%4%n%nRemote Endpoint:%n%tPrincipal Name:%t%t%5%n%tNetwork Address:%t%11%n%tKeying Module Port:%t%12%n%nRemote Certificate:%n%tSHA Thumbprint:%t%6%n%tIssuing CA:%t%t%7%n%tRoot CA:%t%t%8%n%nAdditional Information:%n%tKeying Module Name:%tAuthIP%n%tAuthentication Method:%tSSL%n%tRole:%t%t%t%16%n%tImpersonation State:%t%17%n%tQuick Mode Filter ID:%t%18%n%nFailure Information:%n%tFailure Point:%t%t%13%n%tFailure Reason:%t%t%14%n%tState:%t%t%t%15 |
| 0x1378 | IPSec 扩展模式协商失败。已删除相应的主模式安全关联。%n%n本地终结点:%n%t主体名称:%t%t%1%n%t网络地址:%t%3%n%t键控模块端口:%t%4%n%n远程终结点:%n%t主体名称:%t%t%2%n%t网络地址:%t%5%n%t键控模块端口:%t%6%n%n其他信息:%n%t键控模块名称:%tAuthIP%n%t身份验证方法:%t%9%n%t角色:%t%t%t%11%n%t模拟状态:%t%12%n%t快速模式筛选器 ID:%t%13%n%n失败信息:%n%t失败点:%t%t%7%n%t失败原因:%t%t%8%n%t状态:%t%t%t%10 |
An IPsec extended mode negotiation failed. The corresponding main mode security association has been deleted.%n%nLocal Endpoint:%n%tPrincipal Name:%t%t%1%n%tNetwork Address:%t%3%n%tKeying Module Port:%t%4%n%nRemote Endpoint:%n%tPrincipal Name:%t%t%2%n%tNetwork Address:%t%5%n%tKeying Module Port:%t%6%n%nAdditional Information:%n%tKeying Module Name:%tAuthIP%n%tAuthentication Method:%t%9%n%tRole:%t%t%t%11%n%tImpersonation State:%t%12%n%tQuick Mode Filter ID:%t%13%n%nFailure Information:%n%tFailure Point:%t%t%7%n%tFailure Reason:%t%t%8%n%tState:%t%t%t%10 |
| 0x1379 | 事务的状态已更改。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n事务信息:%n%tRM 事务 ID:%t%5%n%t新状态:%t%t%6%n%t资源管理器:%t%7%n%n进程信息:%n%t进程 ID:%t%t%8%n%t进程名称:%t%t%9 |
The state of a transaction has changed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nTransaction Information:%n%tRM Transaction ID:%t%5%n%tNew State:%t%t%6%n%tResource Manager:%t%7%n%nProcess Information:%n%tProcess ID:%t%t%8%n%tProcess Name:%t%t%9 |
| 0x13A0 | Windows 防火墙服务已成功启动。 |
The Windows Firewall service started successfully. |
| 0x13A1 | Windows 防火墙服务已停止。 |
The Windows Firewall service was stopped. |
| 0x13A3 | Windows 防火墙服务无法从本地存储中检索安全策略。Windows 防火墙将继续实施当前策略。%n%n错误代码:%t%1 |
The Windows Firewall service was unable to retrieve the security policy from the local storage. Windows Firewall will continue to enforce the current policy.%n%nError Code:%t%1 |
| 0x13A4 | Windows 防火墙无法解析新的安全策略。Windows 防火墙将继续实施当前策略。%n%n错误代码:%t%1 |
Windows Firewall was unable to parse the new security policy. Windows Firewall will continue to enforce the current policy.%n%nError Code:%t%1 |
| 0x13A5 | Windows 防火墙服务无法初始化驱动程序。Windows 防火墙将继续实施当前策略。%n%n错误代码:%t%1 |
The Windows Firewall service failed to initialize the driver. Windows Firewall will continue to enforce the current policy.%n%nError Code:%t%1 |
| 0x13A6 | Windows 防火墙服务无法启动。%n%n错误代码:%t%1 |
The Windows Firewall service failed to start.%n%nError Code:%t%1 |
| 0x13A7 | Windows 防火墙已阻止应用程序接受网络上的传入连接。%n%n配置文件:%t%t%1%n应用程序:%t%t%2 |
Windows Firewall blocked an application from accepting incoming connections on the network.%n%nProfiles:%t%t%1%nApplication:%t%t%2 |
| 0x13A8 | Windows 防火墙无法通知用户其已阻止应用程序接受网络上的传入连接。%n%n错误代码:%t%1 |
Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.%n%nError Code:%t%1 |
| 0x13A9 | Windows 防火墙驱动程序已成功启动。 |
The Windows Firewall Driver started successfully. |
| 0x13AA | Windows 防火墙驱动程序已停止。 |
The Windows Firewall Driver was stopped. |
| 0x13AB | Windows 防火墙驱动程序无法启动。%n%n错误代码:%t%1 |
The Windows Firewall Driver failed to start.%n%nError Code:%t%1 |
| 0x13AD | Windows 防火墙驱动程序已检测到关键运行时错误,正在终止。%n%n错误代码:%t%1 |
The Windows Firewall Driver detected a critical runtime error, terminating.%n%nError Code:%t%1 |
| 0x13AE | 代码完整性已确定文件的图像哈希无效。文件可能由于未授权的修改而毁坏,或者无效的哈希会指示可能的磁盘设备错误。%n%n文件名:%t%1%t |
Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.%n%nFile Name:%t%1%t |
| 0x13AF | 注册表项已被虚拟化。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t密钥名称:%t%t%5%n%t虚拟密钥名称:%t%t%6%n%n进程信息:%n%t进程 ID:%t%t%7%n%t进程名称:%t%t%8 |
A registry key was virtualized.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tKey Name:%t%t%5%n%tVirtual Key Name:%t%t%6%n%nProcess Information:%n%tProcess ID:%t%t%7%n%tProcess Name:%t%t%8 |
| 0x13B0 | 已更改 IPSec 设置。已添加身份验证集。%n%t%n更改的配置文件:%t%t%1%n%n添加的身份验证集:%n%tID:%t%t%t%2%n%t名称:%t%t%t%3 |
A change was made to IPsec settings. An authentication set was added.%n%t%nProfile Changed:%t%t%1%n%nAdded Authentication Set:%n%tID:%t%t%t%2%n%tName:%t%t%t%3 |
| 0x13B1 | 已更改 IPSec 设置。已修改身份验证集。%n%t%n更改的配置文件:%t%t%1%n%n修改的身份验证集:%n%tID:%t%t%t%2%n%t名称:%t%t%t%3 |
A change was made to IPsec settings. An authentication set was modified.%n%t%nProfile Changed:%t%t%1%n%nModified Authentication Set:%n%tID:%t%t%t%2%n%tName:%t%t%t%3 |
| 0x13B2 | 已更改 IPSec 设置。已删除身份验证集。%n%t%n更改的配置文件:%t%t%1%n%n删除的身份验证集:%n%tID:%t%t%t%2%n%t名称:%t%t%t%3 |
A change was made to IPsec settings. An authentication set was deleted.%n%t%nProfile Changed:%t%t%1%n%nDeleted Authentication Set:%n%tID:%t%t%t%2%n%tName:%t%t%t%3 |
| 0x13B3 | 已更改 IPSec 设置。已添加连接安全规则。%n%t%n更改的配置文件:%t%t%1%n%n添加的连接安全规则:%n%tID:%t%t%t%2%n%t名称:%t%t%t%3 |
A change was made to IPsec settings. A connection security rule was added.%n%t%nProfile Changed:%t%t%1%n%nAdded Connection Security Rule:%n%tID:%t%t%t%2%n%tName:%t%t%t%3 |
| 0x13B4 | 已更改 IPSec 设置。已修改连接安全规则。%n%t%n更改的配置文件:%t%1%n%n修改的连接安全规则:%n%tID:%t%t%t%2%n%t名称:%t%t%t%3 |
A change was made to IPsec settings. A connection security rule was modified.%n%t%nProfile Changed:%t%1%n%nModified Connection Security Rule:%n%tID:%t%t%t%2%n%tName:%t%t%t%3 |
| 0x13B5 | 已更改 IPSec 设置。已删除连接安全规则。%n%t%n更改的配置文件:%t%1%n%n删除的连接安全规则:%n%tID:%t%t%t%2%n%t名称:%t%t%t%3 |
A change was made to IPsec settings. A connection security rule was deleted.%n%t%nProfile Changed:%t%1%n%nDeleted Connection Security Rule:%n%tID:%t%t%t%2%n%tName:%t%t%t%3 |
| 0x13B6 | 已更改 IPSec 设置。已添加加密集。%n%t%n更改的配置文件:%t%1%n%n添加的加密集:%n%tID:%t%t%t%2%n%t名称:%t%t%t%3 |
A change was made to IPsec settings. A crypto set was added.%n%t%nProfile Changed:%t%1%n%nAdded Crypto Set:%n%tID:%t%t%t%2%n%tName:%t%t%t%3 |
| 0x13B7 | 已更改 IPSec 设置。已修改加密集。%n%t%n更改的配置文件:%t%1%n%n修改的加密集:%n%tID:%t%t%t%2%n%t名称:%t%t%t%3 |
A change was made to IPsec settings. A crypto set was modified.%n%t%nProfile Changed:%t%1%n%nModified Crypto Set:%n%tID:%t%t%t%2%n%tName:%t%t%t%3 |
| 0x13B8 | 已更改 IPSec 设置。已删除加密集。%n%t%n更改的配置文件:%t%1%n%n删除的加密集:%n%tID:%t%t%t%2%n%t名称:%t%t%t%3 |
A change was made to IPsec settings. A crypto set was deleted.%n%t%nProfile Changed:%t%1%n%nDeleted Crypto Set:%n%tID:%t%t%t%2%n%tName:%t%t%t%3 |
| 0x13B9 | 已删除 IPSec 安全关联。%n%t%n更改的配置文件:%t%1%n%n删除的 SA:%n%tID:%t%t%t%2%n%t名称:%t%t%t%3 |
An IPsec security association was deleted.%n%t%nProfile Changed:%t%1%n%nDeleted SA:%n%tID:%t%t%t%2%n%tName:%t%t%t%3 |
| 0x13BA | 使用调用 INetFwProfile.FirewallEnabled(FALSE) 接口尝试从程序禁用 Windows 防火墙被拒绝,因为此版本的 Windows 不支持该 API。发生这种情况最可能是因为某个程序与此版本的 Windows 不兼容。请与此程序的制造商联系以确保拥有兼容的程序版本。%n%n错误代码:%t%tE_NOTIMPL%n调用方进程名称:%t%t%1%n进程 ID:%t%t%2%n发布者:%t%t%3 |
An attempt to programmatically disable Windows Firewall using a call to INetFwProfile.FirewallEnabled(FALSE) interface was rejected because this API is not supported on this version of Windows. This is most likely due to a program that is incompatible with this version of Windows. Please contact the program's manufacturer to make sure you have a compatible program version.%n%nError Code:%t%tE_NOTIMPL%nCaller Process Name:%t%t%1%nProcess Id:%t%t%2%nPublisher:%t%t%3 |
| 0x13BB | 文件已被虚拟化。%n%n使用者:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%t%4%n%n对象:%n%t文件名:%t%t%t%5%n%t虚拟文件名:%t%6%n%n进程信息:%n%t进程 ID:%t%t%t%7%n%t进程名称:%t%t%t%8 |
A file was virtualized.%n%nSubject:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%t%4%n%nObject:%n%tFile Name:%t%t%t%5%n%tVirtual File Name:%t%6%n%nProcess Information:%n%tProcess ID:%t%t%t%7%n%tProcess Name:%t%t%t%8 |
| 0x13C0 | 已执行加密自检。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n模块:%t%t%5%n%n返回代码:%t%6 |
A cryptographic self test was performed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nModule:%t%t%5%n%nReturn Code:%t%6 |
| 0x13C1 | 加密基元操作失败。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n加密参数:%n%t提供程序名称:%t%t%5%n%t算法名称:%t%6%n%n失败信息:%n%t原因:%t%t%t%7%n%t返回代码:%t%t%8 |
A cryptographic primitive operation failed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nCryptographic Parameters:%n%tProvider Name:%t%t%5%n%tAlgorithm Name:%t%6%n%nFailure Information:%n%tReason:%t%t%t%7%n%tReturn Code:%t%t%8 |
| 0x13C2 | 密钥文件操作。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n加密参数:%n%t提供程序名称:%t%5%n%t算法名称:%t%6%n%t密钥名称:%t%7%n%t密钥类型:%t%8%n%n密钥文件操作信息:%n%t文件路径:%t%9%n%t操作:%t%10%n%t返回代码:%t%11 |
Key file operation.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nCryptographic Parameters:%n%tProvider Name:%t%5%n%tAlgorithm Name:%t%6%n%tKey Name:%t%7%n%tKey Type:%t%8%n%nKey File Operation Information:%n%tFile Path:%t%9%n%tOperation:%t%10%n%tReturn Code:%t%11 |
| 0x13C3 | 密钥迁移操作。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n加密参数:%n%t提供程序名称:%t%5%n%t算法名称:%t%6%n%t密钥名称:%t%7%n%t密钥类型:%t%8%n%n其他信息:%n%t操作:%t%9%n%t返回代码:%t%10 |
Key migration operation.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nCryptographic Parameters:%n%tProvider Name:%t%5%n%tAlgorithm Name:%t%6%n%tKey Name:%t%7%n%tKey Type:%t%8%n%nAdditional Information:%n%tOperation:%t%9%n%tReturn Code:%t%10 |
| 0x13C4 | 验证操作失败。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n加密参数:%n%t提供程序名称:%t%5%n%t算法名称:%t%6%n%t密钥名称:%t%7%n%t密钥类型:%t%8%n%n失败信息:%n%t原因:%t%9%n%t返回代码:%t%10 |
Verification operation failed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nCryptographic Parameters:%n%tProvider Name:%t%5%n%tAlgorithm Name:%t%6%n%tKey Name:%t%7%n%tKey Type:%t%8%n%nFailure Information:%n%tReason:%t%9%n%tReturn Code:%t%10 |
| 0x13C5 | 加密操作。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n加密参数:%n%t提供程序名称:%t%5%n%t算法名称:%t%6%n%t密钥名称:%t%7%n%t密钥类型:%t%8%n%n加密操作:%n%t操作:%t%9%n%t返回代码:%t%10 |
Cryptographic operation.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nCryptographic Parameters:%n%tProvider Name:%t%5%n%tAlgorithm Name:%t%6%n%tKey Name:%t%7%n%tKey Type:%t%8%n%nCryptographic Operation:%n%tOperation:%t%9%n%tReturn Code:%t%10 |
| 0x13C6 | 已执行内核模式加密自检。%n%n模块:%t%1%n%n返回代码:%t%2 |
A kernel-mode cryptographic self test was performed.%n%nModule:%t%1%n%nReturn Code:%t%2 |
| 0x13C7 | 已尝试加密提供程序操作。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n加密提供程序:%n%t名称:%t%5%n%t模块:%t%6%n%n操作:%t%7%n%n返回代码:%t%8 |
A cryptographic provider operation was attempted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nCryptographic Provider:%n%tName:%t%5%n%tModule:%t%6%n%nOperation:%t%7%n%nReturn Code:%t%8 |
| 0x13C8 | 已尝试加密上下文操作。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n配置参数:%n%t范围:%t%5%n%t上下文:%t%6%n%n操作:%t%7%n%n返回代码:%t%8 |
A cryptographic context operation was attempted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nConfiguration Parameters:%n%tScope:%t%5%n%tContext:%t%6%n%nOperation:%t%7%n%nReturn Code:%t%8 |
| 0x13C9 | 已尝试加密上下文修改。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n配置参数:%n%t范围:%t%5%n%t上下文:%t%6%n%n更改信息:%n%t旧值:%t%7%n%t新值:%t%8%n%n返回代码:%t%9 |
A cryptographic context modification was attempted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nConfiguration Parameters:%n%tScope:%t%5%n%tContext:%t%6%n%nChange Information:%n%tOld Value:%t%7%n%tNew Value:%t%8%n%nReturn Code:%t%9 |
| 0x13CA | 已尝试加密函数操作。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n配置参数:%n%t范围:%t%5%n%t上下文:%t%6%n%t接口:%t%7%n%t功能:%t%8%n%t位置:%t%9%n%n操作:%t%10%n%n返回代码:%t%11 |
A cryptographic function operation was attempted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nConfiguration Parameters:%n%tScope:%t%5%n%tContext:%t%6%n%tInterface:%t%7%n%tFunction:%t%8%n%tPosition:%t%9%n%nOperation:%t%10%n%nReturn Code:%t%11 |
| 0x13CB | 已尝试加密函数修改。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n配置参数:%n%t范围:%t%5%n%t上下文:%t%6%n%t接口:%t%7%n%t功能:%t%8%n%n更改信息:%n%t旧值:%t%9%n%t新值:%t%10%n%n返回代码:%t%11 |
A cryptographic function modification was attempted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nConfiguration Parameters:%n%tScope:%t%5%n%tContext:%t%6%n%tInterface:%t%7%n%tFunction:%t%8%n%nChange Information:%n%tOld Value:%t%9%n%tNew Value:%t%10%n%nReturn Code:%t%11 |
| 0x13CC | 已尝试加密函数提供程序操作。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n配置参数:%n%t范围:%t%5%n%t上下文:%t%6%n%t接口:%t%7%n%t功能:%t%8%n%t提供程序:%t%9%n%t位置:%t%10%n%n操作:%t%11%n%n返回代码:%t%12 |
A cryptographic function provider operation was attempted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nConfiguration Parameters:%n%tScope:%t%5%n%tContext:%t%6%n%tInterface:%t%7%n%tFunction:%t%8%n%tProvider:%t%9%n%tPosition:%t%10%n%nOperation:%t%11%n%nReturn Code:%t%12 |
| 0x13CD | 已尝试加密函数属性操作。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n配置参数:%n%t范围:%t%5%n%t上下文:%t%6%n%t接口:%t%7%n%t功能:%t%8%n%t属性:%t%9%n%n操作:%t%10%n%n值:%t%11%n%n返回代码:%t%12 |
A cryptographic function property operation was attempted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nConfiguration Parameters:%n%tScope:%t%5%n%tContext:%t%6%n%tInterface:%t%7%n%tFunction:%t%8%n%tProperty:%t%9%n%nOperation:%t%10%n%nValue:%t%11%n%nReturn Code:%t%12 |
| 0x13CE | 已尝试加密函数属性修改。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n配置参数:%n%t范围:%t%5%n%t上下文:%t%6%n%t接口:%t%7%n%t功能:%t%8%n%t属性:%t%9%n%n更改信息:%n%t旧值:%t%10%n%t新值:%t%11%n%n返回代码:%t%12 |
A cryptographic function property modification was attempted.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nConfiguration Parameters:%n%tScope:%t%5%n%tContext:%t%6%n%tInterface:%t%7%n%tFunction:%t%8%n%tProperty:%t%9%n%nChange Information:%n%tOld Value:%t%10%n%tNew Value:%t%11%n%nReturn Code:%t%12 |
| 0x13CF | Microsoft 密钥发行服务已拒绝密钥访问。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n安全描述符:%t%5 |
Key access denied by Microsoft key distribution service.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nSecurity Descriptor:%t%5 |
| 0x1400 | 已启动 OCSP 响应程序服务。 |
OCSP Responder Service Started. |
| 0x1401 | 已停止 OCSP 响应程序服务。 |
OCSP Responder Service Stopped. |
| 0x1402 | 已更改 OCSP 响应程序服务中的配置项。%n%nCA 配置 ID:%t%t%1%n新值:%t%t%2 |
A Configuration entry changed in the OCSP Responder Service.%n%nCA Configuration ID:%t%t%1%nNew Value:%t%t%2 |
| 0x1403 | 已更改 OCSP 响应程序服务中的配置项。%n%n属性名称:%t%t%1%n新值:%t%t%2 |
A configuration entry changed in the OCSP Responder Service.%n%nProperty Name:%t%t%1%nNew Value:%t%t%2 |
| 0x1404 | 已更新 OCSP 响应程序服务上的安全设置。%n%n新值:%t%1 |
A security setting was updated on OCSP Responder Service.%n%nNew Value:%t%1 |
| 0x1405 | 请求已提交到 OCSP 响应程序服务。%n%n证书序列号: %1%n颁发者 CA 名称: %2%n撤消状态: %3 |
A request was submitted to OCSP Responder Service. %n%nCertificate Serial Number: %1%nIssuer CA Name: %2%nRevocation Status: %3 |
| 0x1406 | OCSP 响应程序服务已自动更新签名证书。%n%nCA 配置 ID:%t%t%1%n新签名证书哈希:%t%t%2 |
Signing Certificate was automatically updated by the OCSP Responder Service.%n%nCA Configuration ID:%t%t%1%nNew Signing Certificate Hash:%t%t%2 |
| 0x1407 | OCSP 吊销提供程序已成功更新吊销信息。%n%nCA 配置 ID:%t%t%1%n基本 CRL 号:%t%t%2%n基本 CRL 此更新:%t%t%3%n基本 CRL 哈希:%t%t%4%n增量 CRL 号:%t%t%5%n增量 CRL 指示器:%t%t%6%n增量 CRL 此更新:%t%t%7%n增量 CRL 哈希:%t%t%8 |
The OCSP Revocation Provider successfully updated the revocation information.%n%nCA Configuration ID:%t%t%1%nBase CRL Number:%t%t%2%nBase CRL This Update:%t%t%3%nBase CRL Hash:%t%t%4%nDelta CRL Number:%t%t%5%nDelta CRL Indicator:%t%t%6%nDelta CRL This Update:%t%t%7%nDelta CRL Hash:%t%t%8 |
| 0x1410 | 已修改目录服务对象。%n%t%n使用者:%n%t安全 ID:%t%t%3%n%t帐户名称:%t%t%4%n%t帐户域:%t%t%5%n%t登录 ID:%t%t%6%n%n目录服务:%n%t名称:%t%7%n%t类型:%t%8%n%t%n对象:%n%tDN:%t%9%n%tGUID:%t%10%n%t类:%t%11%n%t%n属性:%n%tLDAP 显示名称:%t%12%n%t语法(OID):%t%13%n%t值:%t%14%n%t%n操作:%n%t类型:%t%15%n%t相关性 ID:%t%1%n%t应用程序相关性 ID:%t%2 |
A directory service object was modified.%n%t%nSubject:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%4%n%tAccount Domain:%t%t%5%n%tLogon ID:%t%t%6%n%nDirectory Service:%n%tName:%t%7%n%tType:%t%8%n%t%nObject:%n%tDN:%t%9%n%tGUID:%t%10%n%tClass:%t%11%n%t%nAttribute:%n%tLDAP Display Name:%t%12%n%tSyntax (OID):%t%13%n%tValue:%t%14%n%t%nOperation:%n%tType:%t%15%n%tCorrelation ID:%t%1%n%tApplication Correlation ID:%t%2 |
| 0x1411 | 已创建目录服务对象。%n%t%n使用者:%n%t安全 ID:%t%t%3%n%t帐户名称:%t%t%4%n%t帐户域:%t%t%5%n%t登录 ID:%t%t%6%n%t%n目录服务:%n%t名称:%t%7%n%t类型:%t%8%n%t%n对象:%n%tDN:%t%9%n%tGUID:%t%10%n%t类:%t%11%n%t%n操作:%n%t相关性 ID:%t%1%n%t应用程序相关性 ID:%t%2 |
A directory service object was created.%n%t%nSubject:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%4%n%tAccount Domain:%t%t%5%n%tLogon ID:%t%t%6%n%t%nDirectory Service:%n%tName:%t%7%n%tType:%t%8%n%t%nObject:%n%tDN:%t%9%n%tGUID:%t%10%n%tClass:%t%11%n%t%nOperation:%n%tCorrelation ID:%t%1%n%tApplication Correlation ID:%t%2 |
| 0x1412 | 已恢复目录服务对象。%n%t%n使用者:%n%t安全 ID:%t%t%3%n%t帐户名称:%t%t%4%n%t帐户域:%t%t%5%n%t登录 ID:%t%t%6%n%t%n目录服务:%n%t名称:%t%7%n%t类型:%t%8%n%t%n对象:%n%t旧 DN:%t%9%n%t新 DN:%t%10%n%tGUID:%t%11%n%t类:%t%12%n%t%n操作:%n%t相关性 ID:%t%1%n%t应用程序相关性 ID:%t%2 |
A directory service object was undeleted.%n%t%nSubject:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%4%n%tAccount Domain:%t%t%5%n%tLogon ID:%t%t%6%n%t%nDirectory Service:%n%tName:%t%7%n%tType:%t%8%n%t%nObject:%n%tOld DN:%t%9%n%tNew DN:%t%10%n%tGUID:%t%11%n%tClass:%t%12%n%t%nOperation:%n%tCorrelation ID:%t%1%n%tApplication Correlation ID:%t%2 |
| 0x1413 | 已移动目录服务对象。%n%t%n使用者:%n%t安全 ID:%t%t%3%n%t帐户名称:%t%t%4%n%t帐户域:%t%t%5%n%t登录 ID:%t%t%6%n%t%n目录服务:%n%t名称:%t%t%7%n%t类型:%t%t%8%n%t%n对象:%n%t旧 DN:%t%t%9%n%t新 DN:%t%10%n%tGUID:%t%t%11%n%t类:%t%t%12%n%t%n操作:%n%t相关性 ID:%t%t%t%1%n%t应用程序相关性 ID:%t%2 |
A directory service object was moved.%n%t%nSubject:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%4%n%tAccount Domain:%t%t%5%n%tLogon ID:%t%t%6%n%t%nDirectory Service:%n%tName:%t%t%7%n%tType:%t%t%8%n%t%nObject:%n%tOld DN:%t%t%9%n%tNew DN:%t%10%n%tGUID:%t%t%11%n%tClass:%t%t%12%n%t%nOperation:%n%tCorrelation ID:%t%t%t%1%n%tApplication Correlation ID:%t%2 |
| 0x1414 | 已访问网络共享对象。%n%t%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n网络信息:%t%n%t对象类型:%t%t%5%n%t源地址:%t%t%6%n%t源端口:%t%t%7%n%t%n共享信息:%n%t共享名:%t%t%8%n%t共享路径:%t%t%9%n%n访问请求信息:%n%t访问掩码:%t%t%10%n%t访问次数:%t%t%11%n |
A network share object was accessed.%n%t%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nNetwork Information:%t%n%tObject Type:%t%t%5%n%tSource Address:%t%t%6%n%tSource Port:%t%t%7%n%t%nShare Information:%n%tShare Name:%t%t%8%n%tShare Path:%t%t%9%n%nAccess Request Information:%n%tAccess Mask:%t%t%10%n%tAccesses:%t%t%11%n |
| 0x1415 | 删除了一个目录服务对象。%n%t%n使用者:%n%t安全 ID:%t%t%3%n%t帐户名:%t%t%4%n%t帐户域:%t%t%5%n%t登录 ID:%t%t%6%n%t%n目录服务:%n%tName:%t%7%n%t类型:%t%8%n%t%n对象:%n%tDN:%t%9%n%tGUID:%t%10%n%t类:%t%11%n%t%n操作:%n%t树删除:%t%12%n%t相关性 ID:%t%1%n%t应用程序相关性 ID:%t%2 |
A directory service object was deleted.%n%t%nSubject:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%4%n%tAccount Domain:%t%t%5%n%tLogon ID:%t%t%6%n%t%nDirectory Service:%n%tName:%t%7%n%tType:%t%8%n%t%nObject:%n%tDN:%t%9%n%tGUID:%t%10%n%tClass:%t%11%n%t%nOperation:%n%tTree Delete:%t%12%n%tCorrelation ID:%t%1%n%tApplication Correlation ID:%t%2 |
| 0x1416 | 添加了一个网络共享对象。%n%t%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n共享信息:%t%n%t共享名称:%t%t%5%n%t共享路径:%t%t%6 |
A network share object was added.%n%t%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nShare Information:%t%n%tShare Name:%t%t%5%n%tShare Path:%t%t%6 |
| 0x1417 | 网络共享对象已被修改。%n%t%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n共享信息:%n%t对象类型:%t%t%5%n%t共享名称:%t%t%6%n%t共享路径:%t%t%7%n%t旧备注:%t%t%8%n%t新备注:%t%t%9%n%t旧最大用户数:%t%t%10%n%t新最大用户数:%t%t%11%n%t旧共享标志数:%t%t%12%n%t新共享标志数:%t%t%13%n%t旧 SD:%t%t%t%14%n%t新 SD:%t%t%t%15%n |
A network share object was modified.%n%t%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nShare Information:%n%tObject Type:%t%t%5%n%tShare Name:%t%t%6%n%tShare Path:%t%t%7%n%tOld Remark:%t%t%8%n%tNew Remark:%t%t%9%n%tOld MaxUsers:%t%t%10%n%tNew Maxusers:%t%t%11%n%tOld ShareFlags:%t%t%12%n%tNew ShareFlags:%t%t%13%n%tOld SD:%t%t%t%14%n%tNew SD:%t%t%t%15%n |
| 0x1418 | 删除了一个网络共享对象。%n%t%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n共享信息:%t%n%t共享名称:%t%t%5%n%t共享路径:%t%t%6 |
A network share object was deleted.%n%t%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nShare Information:%t%n%tShare Name:%t%t%5%n%tShare Path:%t%t%6 |
| 0x1419 | 已检查网络共享对象是否可以授予客户端所需的访问权限。%n%t%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n网络信息:%t%n%t对象类型:%t%t%5%n%t源地址:%t%t%6%n%t源端口:%t%t%7%n%t%n共享信息:%n%t共享名称:%t%t%8%n%t共享路径:%t%t%9%n%t相对目标名称:%t%10%n%n访问请求信息:%n%t访问掩码:%t%t%11%n%t访问:%t%t%12%n访问检查结果:%n%t%13%n |
A network share object was checked to see whether client can be granted desired access.%n%t%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nNetwork Information:%t%n%tObject Type:%t%t%5%n%tSource Address:%t%t%6%n%tSource Port:%t%t%7%n%t%nShare Information:%n%tShare Name:%t%t%8%n%tShare Path:%t%t%9%n%tRelative Target Name:%t%10%n%nAccess Request Information:%n%tAccess Mask:%t%t%11%n%tAccesses:%t%t%12%nAccess Check Results:%n%t%13%n |
| 0x141A | Windows 筛选平台已阻止数据包。%n%n网络信息:%n%t方向:%t%t%1%n%t源地址:%t%2%n%t目标地址:%t%3%n%tEtherType:%t%t%4%n%tVlanTag:%t%t%5%n%tvSwitchId:%t%t%6%n%t源 vSwitch 端口:%t%t%7%n%t目标 vSwitch 端口:%t%8%n%n筛选器信息:%n%t筛选器运行时 ID:%t%9%n%t层名称:%t%t%10%n%t层运行时 ID:%t%11 |
The Windows Filtering Platform has blocked a packet.%n%nNetwork Information:%n%tDirection:%t%t%1%n%tSource Address:%t%2%n%tDestination Address:%t%3%n%tEtherType:%t%t%4%n%tVlanTag:%t%t%5%n%tvSwitchId:%t%t%6%n%tSource vSwitch Port:%t%t%7%n%tDestination vSwitch Port:%t%8%n%nFilter Information:%n%tFilter Run-Time ID:%t%9%n%tLayer Name:%t%t%10%n%tLayer Run-Time ID:%t%11 |
| 0x141B | 限制较为严格的 Windows 筛选平台筛选器已阻止数据包。%n%n网络信息:%n%t方向:%t%t%1%n%t源地址:%t%2%n%t目标地址:%t%3%n%tEtherType:%t%t%4%n%tVlanTag:%t%t%5%n%tvSwitchId:%t%t%6%n%t源 vSwitch 端口:%t%t%7%n%t目标 vSwitch 端口:%t%8%n%n筛选器信息:%n%t筛选器运行时 ID:%t%9%n%t层名称:%t%t%10%n%t层运行时 ID:%t%11 |
A more restrictive Windows Filtering Platform filter has blocked a packet.%n%nNetwork Information:%n%tDirection:%t%t%1%n%tSource Address:%t%2%n%tDestination Address:%t%3%n%tEtherType:%t%t%4%n%tVlanTag:%t%t%5%n%tvSwitchId:%t%t%6%n%tSource vSwitch Port:%t%t%7%n%tDestination vSwitch Port:%t%8%n%nFilter Information:%n%tFilter Run-Time ID:%t%9%n%tLayer Name:%t%t%10%n%tLayer Run-Time ID:%t%11 |
| 0x141C | Windows 筛选平台检测到一个 DoS 攻击并且已进入防御模式;将丢弃与该攻击关联的数据包。%n%n网络信息:%n%t类型:%t%t%1 |
The Windows Filtering Platform has detected a DoS attack and entered a defensive mode; packets associated with this attack will be discarded.%n%nNetwork Information:%n%tType:%t%t%1 |
| 0x141D | DoS 攻击已经平息,现在正在恢复正常处理。%n%n网络信息:%n%t类型:%t%t%1%n%t丢弃的数据包:%t%t%t%2 |
The DoS attack has subsided and normal processing is being resumed.%n%nNetwork Information:%n%tType:%t%t%1%n%tPackets Discarded:%t%t%t%2 |
| 0x141E | Windows 筛选平台已阻止数据包。%n%n网络信息:%n%t方向:%t%t%1%n%t源地址:%t%t%2%n%t目标地址:%t%3%n%tEtherType:%t%t%4%n%tMediaType:%t%t%5%n%tInterfaceType:%t%t%6%n%tVlanTag:%t%t%t%7%n%n筛选器信息:%n%t筛选器运行时 ID:%t%8%n%t层名称:%t%t%9%n%t层运行时 ID:%t%10 |
The Windows Filtering Platform has blocked a packet.%n%nNetwork Information:%n%tDirection:%t%t%1%n%tSource Address:%t%t%2%n%tDestination Address:%t%3%n%tEtherType:%t%t%4%n%tMediaType:%t%t%5%n%tInterfaceType:%t%t%6%n%tVlanTag:%t%t%t%7%n%nFilter Information:%n%tFilter Run-Time ID:%t%8%n%tLayer Name:%t%t%9%n%tLayer Run-Time ID:%t%10 |
| 0x141F | 限制较为严格的 Windows 筛选平台筛选器已阻止数据包。%n%n网络信息:%n%t方向:%t%t%1%n%t源地址:%t%t%t%2%n%t目标地址:%t%3%n%tEtherType:%t%t%4%n%tMediaType:%t%t%5%n%tInterfaceType:%t%t%6%n%tVlanTag:%t%t%t%7%n%n筛选器信息:%n%t筛选器运行时 ID:%t%8%n%t层名称:%t%t%9%n%t层运行时 ID:%t%10 |
A more restrictive Windows Filtering Platform filter has blocked a packet.%n%nNetwork Information:%n%tDirection:%t%t%1%n%tSource Address:%t%t%t%2%n%tDestination Address:%t%3%n%tEtherType:%t%t%4%n%tMediaType:%t%t%5%n%tInterfaceType:%t%t%6%n%tVlanTag:%t%t%t%7%n%nFilter Information:%n%tFilter Run-Time ID:%t%8%n%tLayer Name:%t%t%9%n%tLayer Run-Time ID:%t%10 |
| 0x1420 | Windows 筛选平台阻止了数据包。%n%n应用程序信息:%n%t进程 ID:%t%t%1%n%t应用程序名称:%t%2%n%n网络信息:%n%t方向:%t%t%3%n%t源地址:%t%t%4%n%t源端口:%t%t%5%n%t目标地址:%t%6%n%t目标端口:%t%t%7%n%t协议:%t%t%8%n%n筛选器信息:%n%t筛选器运行时 ID:%t%9%n%t层名称:%t%t%10%n%t层运行时 ID:%t%11 |
The Windows Filtering Platform has blocked a packet.%n%nApplication Information:%n%tProcess ID:%t%t%1%n%tApplication Name:%t%2%n%nNetwork Information:%n%tDirection:%t%t%3%n%tSource Address:%t%t%4%n%tSource Port:%t%t%5%n%tDestination Address:%t%6%n%tDestination Port:%t%t%7%n%tProtocol:%t%t%8%n%nFilter Information:%n%tFilter Run-Time ID:%t%9%n%tLayer Name:%t%t%10%n%tLayer Run-Time ID:%t%11 |
| 0x1421 | 具有更多限制的 Windows 筛选平台筛选器已阻止数据包。%n%n应用程序信息:%n%t进程 ID:%t%t%1%n%t应用程序名称:%t%2%n%n网络信息:%n%t方向:%t%t%3%n%t源地址:%t%t%4%n%t源端口:%t%t%5%n%t目标地址:%t%6%n%t目标端口:%t%t%7%n%t协议:%t%t%8%n%n筛选器信息:%n%t筛选器运行时 ID:%t%9%n%t层名称:%t%t%10%n%t层运行时 ID:%t%11 |
A more restrictive Windows Filtering Platform filter has blocked a packet.%n%nApplication Information:%n%tProcess ID:%t%t%1%n%tApplication Name:%t%2%n%nNetwork Information:%n%tDirection:%t%t%3%n%tSource Address:%t%t%4%n%tSource Port:%t%t%5%n%tDestination Address:%t%6%n%tDestination Port:%t%t%7%n%tProtocol:%t%t%8%n%nFilter Information:%n%tFilter Run-Time ID:%t%9%n%tLayer Name:%t%t%10%n%tLayer Run-Time ID:%t%11 |
| 0x1422 | Windows 筛选平台已允许应用程序或服务在端口上侦听传入连接。%n%n应用程序信息:%n%t进程 ID:%t%t%1%n%t应用程序名称:%t%2%n%n网络信息:%n%t源地址:%t%t%3%n%t源端口:%t%t%4%n%t协议:%t%t%5%n%n筛选器信息:%n%t筛选器运行时 ID:%t%6%n%t层名称:%t%t%7%n%t层运行时 ID:%t%8 |
The Windows Filtering Platform has permitted an application or service to listen on a port for incoming connections.%n%nApplication Information:%n%tProcess ID:%t%t%1%n%tApplication Name:%t%2%n%nNetwork Information:%n%tSource Address:%t%t%3%n%tSource Port:%t%t%4%n%tProtocol:%t%t%5%n%nFilter Information:%n%tFilter Run-Time ID:%t%6%n%tLayer Name:%t%t%7%n%tLayer Run-Time ID:%t%8 |
| 0x1423 | Windows 筛选平台已阻止应用程序或服务在端口上侦听传入连接。%n%n应用程序信息:%n%t进程 ID:%t%t%1%n%t应用程序名称:%t%2%n%n网络信息:%n%t源地址:%t%t%3%n%t源端口:%t%t%4%n%t协议:%t%t%5%n%n筛选器信息:%n%t筛选器运行时 ID:%t%6%n%t层名称:%t%t%7%n%t层运行时 ID:%t%8 |
The Windows Filtering Platform has blocked an application or service from listening on a port for incoming connections.%n%nApplication Information:%n%tProcess ID:%t%t%1%n%tApplication Name:%t%2%n%nNetwork Information:%n%tSource Address:%t%t%3%n%tSource Port:%t%t%4%n%tProtocol:%t%t%5%n%nFilter Information:%n%tFilter Run-Time ID:%t%6%n%tLayer Name:%t%t%7%n%tLayer Run-Time ID:%t%8 |
| 0x1424 | Windows 筛选平台已允许连接。%n%n应用程序信息:%n%t进程 ID:%t%t%1%n%t应用程序名称:%t%2%n%n网络信息:%n%t方向:%t%t%3%n%t源地址:%t%t%4%n%t源端口:%t%t%5%n%t目标地址:%t%6%n%t目标端口:%t%t%7%n%t协议:%t%t%8%n%n筛选器信息:%n%t筛选器运行时 ID:%t%9%n%t层名称:%t%t%10%n%t层运行时 ID:%t%11 |
The Windows Filtering Platform has permitted a connection.%n%nApplication Information:%n%tProcess ID:%t%t%1%n%tApplication Name:%t%2%n%nNetwork Information:%n%tDirection:%t%t%3%n%tSource Address:%t%t%4%n%tSource Port:%t%t%5%n%tDestination Address:%t%6%n%tDestination Port:%t%t%7%n%tProtocol:%t%t%8%n%nFilter Information:%n%tFilter Run-Time ID:%t%9%n%tLayer Name:%t%t%10%n%tLayer Run-Time ID:%t%11 |
| 0x1425 | Windows 筛选平台已阻止连接。%n%n应用程序信息:%n%t进程 ID:%t%t%1%n%t应用程序名称:%t%2%n%n网络信息:%n%t方向:%t%t%3%n%t源地址:%t%t%4%n%t源端口:%t%t%5%n%t目标地址:%t%6%n%t目标端口:%t%t%7%n%t协议:%t%t%8%n%n筛选器信息:%n%t筛选器运行时 ID:%t%9%n%t层名称:%t%t%10%n%t层运行时 ID:%t%11 |
The Windows Filtering Platform has blocked a connection.%n%nApplication Information:%n%tProcess ID:%t%t%1%n%tApplication Name:%t%2%n%nNetwork Information:%n%tDirection:%t%t%3%n%tSource Address:%t%t%4%n%tSource Port:%t%t%5%n%tDestination Address:%t%6%n%tDestination Port:%t%t%7%n%tProtocol:%t%t%8%n%nFilter Information:%n%tFilter Run-Time ID:%t%9%n%tLayer Name:%t%t%10%n%tLayer Run-Time ID:%t%11 |
| 0x1426 | Windows 筛选平台已允许绑定本地端口。%n%n应用程序信息:%n%t进程 ID:%t%t%1%n%t应用程序名称:%t%2%n%n网络信息:%n%t源地址:%t%t%3%n%t源端口:%t%t%4%n%t协议:%t%t%5%n%n筛选器信息:%n%t筛选器运行时 ID:%t%6%n%t层名称:%t%t%7%n%t层运行时 ID:%t%8 |
The Windows Filtering Platform has permitted a bind to a local port.%n%nApplication Information:%n%tProcess ID:%t%t%1%n%tApplication Name:%t%2%n%nNetwork Information:%n%tSource Address:%t%t%3%n%tSource Port:%t%t%4%n%tProtocol:%t%t%5%n%nFilter Information:%n%tFilter Run-Time ID:%t%6%n%tLayer Name:%t%t%7%n%tLayer Run-Time ID:%t%8 |
| 0x1427 | Windows 筛选平台已阻止绑定本地端口。%n%n应用程序信息:%n%t进程 ID:%t%t%1%n%t应用程序名称:%t%2%n%n网络信息:%n%t源地址:%t%t%3%n%t源端口:%t%t%4%n%t协议:%t%t%5%n%n筛选器信息:%n%t筛选器运行时 ID:%t%6%n%t层名称:%t%t%7%n%t层运行时 ID:%t%8 |
The Windows Filtering Platform has blocked a bind to a local port.%n%nApplication Information:%n%tProcess ID:%t%t%1%n%tApplication Name:%t%2%n%nNetwork Information:%n%tSource Address:%t%t%3%n%tSource Port:%t%t%4%n%tProtocol:%t%t%5%n%nFilter Information:%n%tFilter Run-Time ID:%t%6%n%tLayer Name:%t%t%7%n%tLayer Run-Time ID:%t%8 |
| 0x1430 | SMB/SMB2 的 SPN 检查失败。%n%t%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%nSPN:%t%n%tSPN 名称:%t%t%5%n%t错误代码:%t%t%6%n%n服务器信息:%n%t服务器名称:%t%t%7%n%t配置的名称:%t%t%8%n%tIP 地址:%t%t%9 |
Spn check for SMB/SMB2 fails.%n%t%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nSPN:%t%n%tSPN Name:%t%t%5%n%tError Code:%t%t%6%n%nServer Information:%n%tServer Names:%t%t%7%n%tConfigured Names:%t%t%8%n%tIP Addresses:%t%t%9 |
| 0x1431 | 已修改目录服务对象。%n%t%n使用者:%n%t安全 ID:%t%t%3%n%t帐户名称:%t%t%4%n%t帐户域:%t%t%5%n%t登录 ID:%t%t%6%n%n目录服务:%n%t名称:%t%7%n%t类型:%t%8%n%t%n对象:%n%tDN:%t%9%n%tGUID:%t%10%n%t类:%t%11%n%t%n属性:%n%tLDAP 显示名称:%t%12%n%t语法(OID):%t%13%n%t值:%t%14%n%t到期时间:%t%15%n%t%n操作:%n%t类型:%t%16%n%t相关性 ID:%t%1%n%t应用程序相关性 ID:%t%2 |
A directory service object was modified.%n%t%nSubject:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%4%n%tAccount Domain:%t%t%5%n%tLogon ID:%t%t%6%n%nDirectory Service:%n%tName:%t%7%n%tType:%t%8%n%t%nObject:%n%tDN:%t%9%n%tGUID:%t%10%n%tClass:%t%11%n%t%nAttribute:%n%tLDAP Display Name:%t%12%n%tSyntax (OID):%t%13%n%tValue:%t%14%n%tExpiration Time:%t%15%n%t%nOperation:%n%tType:%t%16%n%tCorrelation ID:%t%1%n%tApplication Correlation ID:%t%2 |
| 0x1432 | 执行后台清理任务期间修改了目录服务对象。%n%t%n使用者:%n%t安全 ID:%t%t%3%n%t帐户名称:%t%t%4%n%t帐户域:%t%t%5%n%t登录 ID:%t%t%6%n%n目录服务:%n%t名称:%t%7%n%t类型:%t%8%n%t%n对象:%n%tDN:%t%9%n%tGUID:%t%10%n%t类:%t%11%n%t%n属性:%n%tLDAP 显示名称:%t%12%n%t语法(OID):%t%13%n%t值:%t%14%n%t过期时间:%t%15%n%t%n操作:%n%t类型:%t%16%n%t相关性 ID:%t%1%n%t应用程序相关性 ID:%t%2 |
A directory service object was modified during a background cleanup task.%n%t%nSubject:%n%tSecurity ID:%t%t%3%n%tAccount Name:%t%t%4%n%tAccount Domain:%t%t%5%n%tLogon ID:%t%t%6%n%nDirectory Service:%n%tName:%t%7%n%tType:%t%8%n%t%nObject:%n%tDN:%t%9%n%tGUID:%t%10%n%tClass:%t%11%n%t%nAttribute:%n%tLDAP Display Name:%t%12%n%tSyntax (OID):%t%13%n%tValue:%t%14%n%tExpiration Time:%t%15%n%t%nOperation:%n%tType:%t%16%n%tCorrelation ID:%t%1%n%tApplication Correlation ID:%t%2 |
| 0x1500 | 已备份凭据管理器凭据。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n用户备份他们自己的凭据管理器凭据时,此事件会发生。用户(甚至管理员)无法备份除他自己之外的任何帐户的凭据。 |
Credential Manager credentials were backed up.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nThis event occurs when a user backs up their own Credential Manager credentials. A user (even an Administrator) cannot back up the credentials of an account other than his own. |
| 0x1501 | 已从备份还原凭据管理器凭据。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n用户从备份还原他的凭据管理器凭据时,此事件会发生。用户(甚至管理员)无法还原除他自己之外的任何帐户的凭据。 |
Credential Manager credentials were restored from a backup.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nThis event occurs when a user restores his Credential Manager credentials from a backup. A user (even an Administrator) cannot restore the credentials of an account other than his own. |
| 0x1502 | 策略不允许请求的凭据委派。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n凭据委派信息:%n%t安全程序包:%t%5%n%t用户的 UPN:%t%6%n%t目标服务器:%t%7%n%t凭据类型:%t%8 |
The requested credentials delegation was disallowed by policy.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nCredential Delegation Information:%n%tSecurity Package:%t%5%n%tUser's UPN:%t%6%n%tTarget Server:%t%7%n%tCredential Type:%t%8 |
| 0x1540 | Windows 筛选平台基本筛选引擎启动时,出现下列标注。%n%n提供程序信息:%t%n%tID:%t%t%1%n%t名称:%t%t%2%n%n标注信息:%n%tID:%t%t%3%n%t名称:%t%t%4%n%t类型:%t%t%5%n%t运行时 ID:%t%6%n%n层信息:%n%tID:%t%t%7%n%t名称:%t%t%8%n%t运行时 ID:%t%9 |
The following callout was present when the Windows Filtering Platform Base Filtering Engine started.%n%nProvider Information:%t%n%tID:%t%t%1%n%tName:%t%t%2%n%nCallout Information:%n%tID:%t%t%3%n%tName:%t%t%4%n%tType:%t%t%5%n%tRun-Time ID:%t%6%n%nLayer Information:%n%tID:%t%t%7%n%tName:%t%t%8%n%tRun-Time ID:%t%9 |
| 0x1541 | Windows 筛选平台基本筛选引擎启动时,出现下列筛选器。%n%n提供程序信息:%t%n%tID:%t%t%1%n%t名称:%t%t%2%n%n筛选器信息:%n%tID:%t%t%3%n%t名称:%t%t%4%n%t类型:%t%t%5%n%t运行时 ID:%t%6%n%n层信息:%n%tID:%t%t%7%n%t名称:%t%t%8%n%t运行时 ID:%t%9%n%t权重:%t%t%10%n%t%n其他信息:%n%t条件:%t%11%n%t筛选器操作:%t%12%n%t标注 ID:%t%13%n%t标注名称:%t%14 |
The following filter was present when the Windows Filtering Platform Base Filtering Engine started.%n%nProvider Information:%t%n%tID:%t%t%1%n%tName:%t%t%2%n%nFilter Information:%n%tID:%t%t%3%n%tName:%t%t%4%n%tType:%t%t%5%n%tRun-Time ID:%t%6%n%nLayer Information:%n%tID:%t%t%7%n%tName:%t%t%8%n%tRun-Time ID:%t%9%n%tWeight:%t%t%10%n%t%nAdditional Information:%n%tConditions:%t%11%n%tFilter Action:%t%12%n%tCallout ID:%t%13%n%tCallout Name:%t%14 |
| 0x1542 | Windows 筛选平台基本筛选引擎启动时,出现下列提供程序。%n%t%n提供程序 ID:%t%1%n提供程序名称:%t%2%n提供程序类型:%t%3 |
The following provider was present when the Windows Filtering Platform Base Filtering Engine started.%n%t%nProvider ID:%t%1%nProvider Name:%t%2%nProvider Type:%t%3 |
| 0x1543 | Windows 筛选平台基本筛选引擎启动时,出现下列提供程序上下文。%n%t%n提供程序 ID:%t%1%n提供程序名称:%t%2%n提供程序上下文 ID:%t%3%n提供程序上下文名称:%t%4%n提供程序上下文类型:%t%5 |
The following provider context was present when the Windows Filtering Platform Base Filtering Engine started.%n%t%nProvider ID:%t%1%nProvider Name:%t%2%nProvider Context ID:%t%3%nProvider Context Name:%t%4%nProvider Context Type:%t%5 |
| 0x1544 | Windows 筛选平台基本筛选引擎启动时,出现下列子层。%n%t%n提供程序 ID:%t%1%n提供程序名称:%t%2%n子层 ID:%t%3%n子层名称:%t%4%n子层类型:%t%5%n权重:%t%t%6 |
The following sub-layer was present when the Windows Filtering Platform Base Filtering Engine started.%n%t%nProvider ID:%t%1%nProvider Name:%t%2%nSub-layer ID:%t%3%nSub-layer Name:%t%4%nSub-layer Type:%t%5%nWeight:%t%t%6 |
| 0x1546 | 已更改 Windows 筛选平台标注。%n%t%n使用者:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%3%n%n进程信息:%n%t进程 ID:%t%1%n%n提供程序信息:%n%tID:%t%t%4%n%t名称:%t%t%5%n%n更改信息:%n%t更改类型:%t%6%n%n标注信息:%n%tID:%t%t%7%n%t名称:%t%t%8%n%t类型:%t%t%9%n%t运行时 ID:%t%10%n%n层信息:%n%tID:%t%t%11%n%t名称:%t%t%12%n%t运行时 ID:%t%13 |
A Windows Filtering Platform callout has been changed.%n%t%nSubject:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%3%n%nProcess Information:%n%tProcess ID:%t%1%n%nProvider Information:%n%tID:%t%t%4%n%tName:%t%t%5%n%nChange Information:%n%tChange Type:%t%6%n%nCallout Information:%n%tID:%t%t%7%n%tName:%t%t%8%n%tType:%t%t%9%n%tRun-Time ID:%t%10%n%nLayer Information:%n%tID:%t%t%11%n%tName:%t%t%12%n%tRun-Time ID:%t%13 |
| 0x1547 | 已更改 Windows 筛选平台筛选器。%n%t%n使用者:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%3%n%n进程信息:%n%t进程 ID:%t%1%n%n提供程序信息:%n%tID:%t%t%4%n%t名称:%t%t%5%n%n更改信息:%n%t更改类型:%t%6%n%n筛选器信息:%n%tID:%t%t%7%n%t名称:%t%t%8%n%t类型:%t%t%9%n%t运行时 ID:%t%10%n%n层信息:%n%tID:%t%t%11%n%t名称:%t%t%12%n%t运行时 ID:%t%13%n%n标注信息:%n%tID:%t%t%17%n%t名称:%t%t%18%n%n其他信息:%n%t权重:%t%14%t%n%t条件:%t%15%n%t筛选器操作:%t%16 |
A Windows Filtering Platform filter has been changed.%n%t%nSubject:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%3%n%nProcess Information:%n%tProcess ID:%t%1%n%nProvider Information:%n%tID:%t%t%4%n%tName:%t%t%5%n%nChange Information:%n%tChange Type:%t%6%n%nFilter Information:%n%tID:%t%t%7%n%tName:%t%t%8%n%tType:%t%t%9%n%tRun-Time ID:%t%10%n%nLayer Information:%n%tID:%t%t%11%n%tName:%t%t%12%n%tRun-Time ID:%t%13%n%nCallout Information:%n%tID:%t%t%17%n%tName:%t%t%18%n%nAdditional Information:%n%tWeight:%t%14%t%n%tConditions:%t%15%n%tFilter Action:%t%16 |
| 0x1548 | 已更改 Windows 筛选平台提供程序。%n%t%n使用者:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%3%n%n进程信息:%n%t进程 ID:%t%1%n%n更改信息:%n%t更改类型:%t%4%n%n提供程序信息:%n%tID:%t%t%5%n%t名称:%t%t%6%n%t类型:%t%t%7 |
A Windows Filtering Platform provider has been changed.%n%t%nSubject:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%3%n%nProcess Information:%n%tProcess ID:%t%1%n%nChange Information:%n%tChange Type:%t%4%n%nProvider Information:%n%tID:%t%t%5%n%tName:%t%t%6%n%tType:%t%t%7 |
| 0x1549 | 已更改 Windows 筛选平台提供程序上下文。%n%t%n使用者:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%3%n%n进程信息:%n%t进程 ID:%t%1%n%n提供程序信息:%n%t提供程序 ID:%t%4%n%t提供程序名称:%t%5%n%n更改信息:%n%t更改类型:%t%6%n%n提供程序上下文:%n%tID:%t%7%n%t名称:%t%8%n%t类型:%t%9 |
A Windows Filtering Platform provider context has been changed.%n%t%nSubject:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%3%n%nProcess Information:%n%tProcess ID:%t%1%n%nProvider Information:%n%tProvider ID:%t%4%n%tProvider Name:%t%5%n%nChange Information:%n%tChange Type:%t%6%n%nProvider Context:%n%tID:%t%7%n%tName:%t%8%n%tType:%t%9 |
| 0x154A | 已更改 Windows 筛选平台子层。%n%t%n使用者:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%3%n%n进程信息:%n%t进程 ID:%t%1%n%n提供程序信息:%n%t提供程序 ID:%t%4%n%t提供程序名称:%t%5%n%n更改信息:%n%t更改类型:%t%6%n%n子层信息:%n%t子层 ID:%t%7%n%t子层名称:%t%8%n%t子层类型:%t%9%n%n其他信息:%n%t权重:%t%10 |
A Windows Filtering Platform sub-layer has been changed.%n%t%nSubject:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%3%n%nProcess Information:%n%tProcess ID:%t%1%n%nProvider Information:%n%tProvider ID:%t%4%n%tProvider Name:%t%5%n%nChange Information:%n%tChange Type:%t%6%n%nSub-layer Information:%n%tSub-layer ID:%t%7%n%tSub-layer Name:%t%8%n%tSub-layer Type:%t%9%n%nAdditional Information:%n%tWeight:%t%10 |
| 0x154B | 已建立 IPSec 快速模式安全关联。%n%t%n本地终结点:%n%t网络地址:%t%1%n%t网络地址掩码:%t%2%n%t端口:%t%t%t%3%n%t隧道终结点:%t%t%4%n%n远程终结点:%n%t网络地址:%t%5%n%t网络地址掩码:%t%6%n%t端口:%t%t%t%7%n%t专用地址:%t%t%8%n%t隧道终结点:%t%t%9%n%n%t协议:%t%t%10%n%t密钥模块名称:%t%11%n%n加密信息:%n%t完整性算法 - AH:%t%12%n%t完整性算法 - ESP:%t%13%n%t加密算法:%t%14%n%n安全关联信息:%n%t生存时间 - 秒:%t%t%15%n%t生存时间 - 数据:%t%t%16%n%t生存时间 - 数据包:%t%17%n%t模式:%t%t%t%18%n%t角色:%t%t%t%19%n%t快速模式筛选器 ID:%t%20%n%t主模式 SA ID:%t%t%21%n%t快速模式 SA ID:%t%t%22%n%n其他信息:%n%t入站 SPI:%t%t%23%n%t出站 SPI:%t%t%24%n%t虚拟接口隧道 ID:%t%t%25%n%t流量选择器 ID:%t%t%26 |
An IPsec quick mode security association was established.%n%t%nLocal Endpoint:%n%tNetwork Address:%t%1%n%tNetwork Address mask:%t%2%n%tPort:%t%t%t%3%n%tTunnel Endpoint:%t%t%4%n%nRemote Endpoint:%n%tNetwork Address:%t%5%n%tNetwork Address Mask:%t%6%n%tPort:%t%t%t%7%n%tPrivate Address:%t%t%8%n%tTunnel Endpoint:%t%t%9%n%n%tProtocol:%t%t%10%n%tKeying Module Name:%t%11%n%nCryptographic Information:%n%tIntegrity Algorithm - AH:%t%12%n%tIntegrity Algorithm - ESP:%t%13%n%tEncryption Algorithm:%t%14%n%nSecurity Association Information:%n%tLifetime - seconds:%t%15%n%tLifetime - data:%t%t%16%n%tLifetime - packets:%t%17%n%tMode:%t%t%t%18%n%tRole:%t%t%t%19%n%tQuick Mode Filter ID:%t%20%n%tMain Mode SA ID:%t%21%n%tQuick Mode SA ID:%t%22%n%nAdditional Information:%n%tInbound SPI:%t%t%23%n%tOutbound SPI:%t%t%24%n%tVirtual Interface Tunnel ID:%t%t%25%n%tTraffic Selector ID:%t%t%26 |
| 0x154C | 已结束 IPSec 快速模式安全关联。%n%t%n本地终结点:%n%t网络地址:%t%1%n%t网络地址掩码:%t%2%n%t端口:%t%t%t%3%n%t隧道终结点:%t%t%4%n%n远程终结点:%n%t网络地址:%t%5%n%t网络地址掩码:%t%6%n%t端口:%t%t%t%7%n%t隧道终结点:%t%t%8%n%n附加信息:%n%t协议:%t%t%9%n%t快速模式 SA ID:%t%10%n%t虚拟接口隧道 ID:%t%t%11%n%t流量选择器 ID:%t%t%12 |
An IPsec quick mode security association ended.%n%t%nLocal Endpoint:%n%tNetwork Address:%t%1%n%tNetwork Address mask:%t%2%n%tPort:%t%t%t%3%n%tTunnel Endpoint:%t%t%4%n%nRemote Endpoint:%n%tNetwork Address:%t%5%n%tNetwork Address mask:%t%6%n%tPort:%t%t%t%7%n%tTunnel Endpoint:%t%t%8%n%nAdditional Information:%n%tProtocol:%t%t%9%n%tQuick Mode SA ID:%t%10%n%tVirtual Interface Tunnel ID:%t%t%11%n%tTraffic Selector ID:%t%t%12 |
| 0x154D | IPsec 与远程计算机的协商失败,因为未启动 IKE 和 AuthIP IPsec 密钥模块(IKEEXT)服务。 |
An IPsec negotiation with a remote computer failed because the IKE and AuthIP IPsec Keying Modules (IKEEXT) service is not started. |
| 0x1550 | IPSec 策略代理在此计算机上已应用 Active Directory 存储 IPSec 策略。%n%n策略:%t%t%1 |
IPsec Policy Agent applied Active Directory storage IPsec policy on the computer.%n%nPolicy:%t%t%1 |
| 0x1551 | IPSec 策略代理在此计算机上应用 Active Directory 存储 IPSec 策略失败。%n%nDN:%t%t%1%n错误代码:%t%t%2 |
IPsec Policy Agent failed to apply Active Directory storage IPsec policy on the computer.%n%nDN:%t%t%1%nError code:%t%t%2 |
| 0x1552 | IPSec 策略代理在此计算机上已应用 Active Directory 存储 IPSec 策略的本地缓存副本。%n%n策略:%t%t%1 |
IPsec Policy Agent applied locally cached copy of Active Directory storage IPsec policy on the computer.%n%nPolicy:%t%t%1 |
| 0x1553 | IPSec 策略代理在此计算机上应用 Active Directory 存储 IPSec 策略的本地缓存副本失败。%n%n策略:%t%t%1%n错误代码:%t%t%2 |
IPsec Policy Agent failed to apply locally cached copy of Active Directory storage IPsec policy on the computer.%n%nPolicy:%t%t%1%nError Code:%t%t%2 |
| 0x1554 | IPSec 策略代理在此计算机上已应用本地注册表存储 IPSec 策略。%n%n策略:%t%t%1 |
IPsec Policy Agent applied local registry storage IPsec policy on the computer.%n%nPolicy:%t%t%1 |
| 0x1555 | IPSec 策略代理在此计算机上应用本地注册表存储 IPSec 策略失败。%n%n策略:%t%t%1%n错误代码:%t%t%2 |
IPsec Policy Agent failed to apply local registry storage IPsec policy on the computer.%n%nPolicy:%t%t%1%nError Code:%t%t%2 |
| 0x1556 | IPSec 策略代理在此计算机上应用活动 IPSec 策略的一些规则失败。请运行 IP 安全监视器管理单元来诊断此问题。%n%n策略:%t%t%1%n错误代码:%t%t%2 |
IPsec Policy Agent failed to apply some rules of the active IPsec policy on the computer. Use the IP Security Monitor snap-in to diagnose the problem.%n%nPolicy:%t%t%1%nError Code:%t%t%2 |
| 0x1557 | IPSec 策略代理进行了轮询以了解对活动的 IPSec 策略的更改,没有检测到更改。 |
IPsec Policy Agent polled for changes to the active IPsec policy and detected no changes. |
| 0x1558 | IPSec 策略代理进行了轮询以了解对活动的 IPSec 策略的更改,检测到更改并应用它们。 |
IPsec Policy Agent polled for changes to the active IPsec policy, detected changes, and applied them. |
| 0x1559 | IPSec 策略代理为 IPSec 策略的强制重加载接收到一个控制,并且成功处理了这个控制。 |
IPsec Policy Agent received a control for forced reloading of IPsec policy and processed the control successfully. |
| 0x155A | IPSec 策略代理进行了轮询以了解对 Active Directory IPSec 策略的更改,确定不可以访问 Active Directory,并且将使用 Active Directory IPSec 策略的本地缓存副本。在上次轮询后对 Active Directory IPSec 策略的任何更改都不会被应用。 |
IPsec Policy Agent polled for changes to the Active Directory IPsec policy, determined that Active Directory cannot be reached, and will use the cached copy of the Active Directory IPsec policy instead. Any changes made to the Active Directory IPsec policy since the last poll could not be applied. |
| 0x155B | IPSec 策略代理进行了轮询以了解对 Active Directory IPSec 策略的更改,确定可以访问 Active Directory,没有发现任何对策略的更改。不会再使用 Active Directory IPSec 策略的本地缓存副本。 |
IPsec Policy Agent polled for changes to the Active Directory IPsec policy, determined that Active Directory can be reached, and found no changes to the policy. The cached copy of the Active Directory IPsec policy is no longer being used. |
| 0x155C | IPSec 策略代理进行了轮询以了解对 Active Directory IPSec 策略的更改,确定可以访问 Active Directory,找到了对策略的更改,并且应用了这些更改。不会再使用 Active Directory IPSec 策略的本地缓存副本。 |
IPsec Policy Agent polled for changes to the Active Directory IPsec policy, determined that Active Directory can be reached, found changes to the policy, and applied those changes. The cached copy of the Active Directory IPsec policy is no longer being used. |
| 0x155F | IPSec 策略代理已在此计算机上加载本地存储 IPSec 策略。%n%n策略:%t%t%1 |
IPsec Policy Agent loaded local storage IPsec policy on the computer.%n%nPolicy:%t%t%1 |
| 0x1560 | IPSec 策略代理在此计算机上加载本地存储 IPSec 策略失败。%n%n策略:%t%t%1%n错误代码:%t%t%2 |
IPsec Policy Agent failed to load local storage IPsec policy on the computer.%n%nPolicy:%t%t%1%nError Code:%t%t%2 |
| 0x1561 | IPSec 策略代理已在此计算机上加载目录存储 IPSec 策略。%n%n策略:%t%t%1 |
IPsec Policy Agent loaded directory storage IPsec policy on the computer.%n%nPolicy:%t%t%1 |
| 0x1562 | IPSec 策略代理在此计算机上加载目录存储 IPSec 策略失败。%n%n策略:%t%t%1%n错误代码:%t%t%2 |
IPsec Policy Agent failed to load directory storage IPsec policy on the computer.%n%nPolicy:%t%t%1%nError Code:%t%t%2 |
| 0x1565 | IPSec 策略代理添加快速模式筛选器失败。%n%n快速模式筛选器:%t%t%1%n错误代码:%t%t%2 |
IPsec Policy Agent failed to add quick mode filter.%n%nQuick Mode Filter:%t%t%1%nError Code:%t%t%2 |
| 0x1566 | IPSec 策略代理服务已启动。 |
The IPsec Policy Agent service was started. |
| 0x1567 | IPSec 策略代理服务已停止。停止该服务可能导致此计算机易于受网络攻击或遭受其他安全威胁。 |
The IPsec Policy Agent service was stopped. Stopping this service can put the computer at greater risk of network attack or expose the computer to potential security risks. |
| 0x1568 | IPSec 策略代理未能获得此计算机上网络接口的完整列表。这可能会对此计算机的安全构成潜在威胁,因为某些网络接口可能无法通过应用 IPSec 筛选器来获得保护。请运行 IPSec 监视器管理单元来诊断此问题。 |
IPsec Policy Agent failed to get the complete list of network interfaces on the computer. This poses a potential security risk because some of the network interfaces may not get the protection provided by the applied IPsec filters. Use the IP Security Monitor snap-in to diagnose the problem. |
| 0x156B | IPSec 策略代理服务初始化其 RPC 服务器失败。该服务无法启动。%n%n错误代码:%t%t%1 |
The IPsec Policy Agent service failed to initialize its RPC server. The service could not be started.%n%nError Code:%t%t%1 |
| 0x156C | IPSec 策略代理服务遇到一个关键性失败并且已关闭。关闭该服务可能导致此计算机易于受网络攻击或遭受潜在安全威胁。%n%n错误代码:%t%t%1 |
The IPsec Policy Agent service experienced a critical failure and has shut down. The shutdown of this service can put the computer at greater risk of network attack or expose the computer to potential security risks.%n%nError Code:%t%t%1 |
| 0x156D | IPSec 策略代理为网络接口为即插即用事件处理一些 IPSec 筛选器失败。这可能会对此计算机的安全构成潜在威胁,因为某些网络接口可能无法通过应用 IPSec 筛选器来获得保护。请运行 IPSec 监视器管理单元来诊断此问题。 |
IPsec Policy Agent failed to process some IPsec filters on a plug-and-play event for network interfaces. This poses a potential security risk because some of the network interfaces may not get the protection provided by the applied IPsec filters. Use the IP Security Monitor snap-in to diagnose the problem. |
| 0x1600 | 已请求对无线网络进行身份验证。%n%n使用者:%n%t安全 ID:%t%t%2%n%t帐户名:%t%t%3%n%t帐户域:%t%t%4%n%t登录 ID:%t%t%5%n%n网络信息:%n%t名称(SSID):%t%t%1%n%t接口 GUID:%t%t%8%n%t本地 MAC 地址:%t%7%n%t对等 MAC 地址:%t%6%n%n其他信息:%n%t原因代码:%t%t%10 (%9)%n%t错误代码:%t%t%11%n%tEAP 原因代码:%t%12%n%tEAP 根本原因字符串:%t%13%n%tEAP 错误代码:%t%t%14 |
A request was made to authenticate to a wireless network.%n%nSubject:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%3%n%tAccount Domain:%t%t%4%n%tLogon ID:%t%t%5%n%nNetwork Information:%n%tName (SSID):%t%t%1%n%tInterface GUID:%t%t%8%n%tLocal MAC Address:%t%7%n%tPeer MAC Address:%t%6%n%nAdditional Information:%n%tReason Code:%t%t%10 (%9)%n%tError Code:%t%t%11%n%tEAP Reason Code:%t%12%n%tEAP Root Cause String:%t%13%n%tEAP Error Code:%t%t%14 |
| 0x1601 | 已请求对有线网络进行身份验证。%n%n使用者:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%3%n%t帐户域:%t%t%4%n%t登录 ID:%t%t%5%n%n接口:%n%t名称:%t%t%t%1%n%n其他信息%n%t原因代码:%t%t%7 (%6)%n%t错误代码:%t%t%8 |
A request was made to authenticate to a wired network.%n%nSubject:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%3%n%tAccount Domain:%t%t%4%n%tLogon ID:%t%t%5%n%nInterface:%n%tName:%t%t%t%1%n%nAdditional Information%n%tReason Code:%t%t%7 (%6)%n%tError Code:%t%t%8 |
| 0x1650 | 已尝试远程过程调用(RPC)。%n%n使用者:%n%tSID:%t%t%t%1%n%t名称:%t%t%t%2%n%t帐户域:%t%t%3%n%tLogonId:%t%t%4%n%n进程信息:%n%tPID:%t%t%t%5%n%t名称:%t%t%t%6%n%n网络信息:%n%t远程 IP 地址:%t%7%n%t远程端口:%t%t%8%n%nRPC 属性:%n%t接口 UUID:%t%t%9%n%t协议序列:%t%10%n%t身份验证服务:%t%11%n%t身份验证级别:%t%12 |
A Remote Procedure Call (RPC) was attempted.%n%nSubject:%n%tSID:%t%t%t%1%n%tName:%t%t%t%2%n%tAccount Domain:%t%t%3%n%tLogonId:%t%t%4%n%nProcess Information:%n%tPID:%t%t%t%5%n%tName:%t%t%t%6%n%nNetwork Information:%n%tRemote IP Address:%t%7%n%tRemote Port:%t%t%8%n%nRPC Attributes:%n%tInterface UUID:%t%t%9%n%tProtocol Sequence:%t%10%n%tAuthentication Service:%t%11%n%tAuthentication Level:%t%12 |
| 0x1700 | 已修改 COM+ 编录中的对象。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%tCOM+ 编录集合:%t%5%n%t对象名称:%t%t%t%6%n%t已修改的对象属性:%t%7 |
An object in the COM+ Catalog was modified.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tCOM+ Catalog Collection:%t%5%n%tObject Name:%t%t%t%6%n%tObject Properties Modified:%t%7 |
| 0x1701 | 已从 COM+ 编录中删除对象。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%tCOM+ 编录集合:%t%5%n%t对象名称:%t%t%t%6%n%t对象详细信息:%t%t%t%7%n从 COM+ 编录中删除对象时会发生此事件。 |
An object was deleted from the COM+ Catalog.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tCOM+ Catalog Collection:%t%5%n%tObject Name:%t%t%t%6%n%tObject Details:%t%t%t%7%nThis event occurs when an object is deleted from the COM+ catalog. |
| 0x1702 | 已将对象添加到 COM+ 编录中。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%tCOM+ 编录集合:%t%5%n%t对象名称:%t%t%t%6%n%t对象详细信息:%t%t%t%7 |
An object was added to the COM+ Catalog.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tCOM+ Catalog Collection:%t%5%n%tObject Name:%t%t%t%6%n%tObject Details:%t%t%t%7 |
| 0x1800 | 已成功应用组策略中的安全策略。%n%n返回代码:%t%1%n%nGPO 列表:%n%2 |
Security policy in the group policy objects has been applied successfully. %n%nReturn Code:%t%1%n%nGPO List:%n%2 |
| 0x1801 | 处理组策略对象中的安全策略时发生一个或多个错误。%n%n错误代码:%t%1%nGPO 列表:%n%2 |
One or more errors occured while processing security policy in the group policy objects.%n%nError Code:%t%1%nGPO List:%n%2 |
| 0x1880 | 网络策略服务器已向某个用户授予访问权限。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n%n客户端计算机:%n%t安全 ID:%t%t%t%5%n%t帐户名称:%t%t%t%6%n%t完全限定的帐户名称:%t%7%n%t被调用站标识符:%t%t%8%n%t调用站标识符:%t%t%9%n%nNAS:%n%tNAS IPv4 地址:%t%t%10%n%tNAS IPv6 地址:%t%t%11%n%tNAS 标识符:%t%t%t%12%n%tNAS 端口类型:%t%t%t%13%n%tNAS 端口:%t%t%t%14%n%nRADIUS 客户端:%n%t客户端友好名称:%t%t%15%n%t客户端 IP 地址:%t%t%t%16%n%n身份验证详细信息:%n%t连接请求策略名称:%t%17%n%t网络策略名称:%t%t%18%n%t身份验证提供程序:%t%t%19%n%t身份验证服务器:%t%t%20%n%t身份验证类型:%t%t%21%n%tEAP 类型:%t%t%t%22%n%t帐户会话标识符:%t%t%23%n%t日志记录结果:%t%t%t%24%n |
Network Policy Server granted access to a user.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n%nClient Machine:%n%tSecurity ID:%t%t%t%5%n%tAccount Name:%t%t%t%6%n%tFully Qualified Account Name:%t%7%n%tCalled Station Identifier:%t%t%8%n%tCalling Station Identifier:%t%t%9%n%nNAS:%n%tNAS IPv4 Address:%t%t%10%n%tNAS IPv6 Address:%t%t%11%n%tNAS Identifier:%t%t%t%12%n%tNAS Port-Type:%t%t%t%13%n%tNAS Port:%t%t%t%14%n%nRADIUS Client:%n%tClient Friendly Name:%t%t%15%n%tClient IP Address:%t%t%t%16%n%nAuthentication Details:%n%tConnection Request Policy Name:%t%17%n%tNetwork Policy Name:%t%t%18%n%tAuthentication Provider:%t%t%19%n%tAuthentication Server:%t%t%20%n%tAuthentication Type:%t%t%21%n%tEAP Type:%t%t%t%22%n%tAccount Session Identifier:%t%t%23%n%tLogging Results:%t%t%t%24%n |
| 0x1881 | 网络策略服务器已拒绝向某个用户授予访问权限。%n%n有关详细信息,请与网络策略服务器管理员联系。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n%n客户端计算机:%n%t安全 ID:%t%t%t%5%n%t帐户名称:%t%t%t%6%n%t完全限定的帐户名称:%t%7%n%t被调用站标识符:%t%t%8%n%t调用站标识符:%t%t%9%n%nNAS:%n%tNAS IPv4 地址:%t%t%10%n%tNAS IPv6 地址:%t%t%11%n%tNAS 标识符:%t%t%t%12%n%tNAS 端口类型:%t%t%t%13%n%tNAS 端口:%t%t%t%14%n%nRADIUS 客户端:%n%t客户端友好名称:%t%t%15%n%t客户端 IP 地址:%t%t%t%16%n%n身份验证详细信息:%n%t连接请求策略名称:%t%17%n%t网络策略名称:%t%t%18%n%t身份验证提供程序:%t%t%19%n%t身份验证服务器:%t%t%20%n%t身份验证类型:%t%t%21%n%tEAP 类型:%t%t%t%22%n%t帐户会话标识符:%t%t%23%n%t日志记录结果:%t%t%t%26%n%t原因代码:%t%t%t%24%n%t原因:%t%t%t%t%25%n |
Network Policy Server denied access to a user.%n%nContact the Network Policy Server administrator for more information.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n%nClient Machine:%n%tSecurity ID:%t%t%t%5%n%tAccount Name:%t%t%t%6%n%tFully Qualified Account Name:%t%7%n%tCalled Station Identifier:%t%t%8%n%tCalling Station Identifier:%t%t%9%n%nNAS:%n%tNAS IPv4 Address:%t%t%10%n%tNAS IPv6 Address:%t%t%11%n%tNAS Identifier:%t%t%t%12%n%tNAS Port-Type:%t%t%t%13%n%tNAS Port:%t%t%t%14%n%nRADIUS Client:%n%tClient Friendly Name:%t%t%15%n%tClient IP Address:%t%t%t%16%n%nAuthentication Details:%n%tConnection Request Policy Name:%t%17%n%tNetwork Policy Name:%t%t%18%n%tAuthentication Provider:%t%t%19%n%tAuthentication Server:%t%t%20%n%tAuthentication Type:%t%t%21%n%tEAP Type:%t%t%t%22%n%tAccount Session Identifier:%t%t%23%n%tLogging Results:%t%t%t%26%n%tReason Code:%t%t%t%24%n%tReason:%t%t%t%t%25%n |
| 0x1882 | 网络策略服务器已放弃某个用户的请求。%n%n有关详细信息,请与网络策略服务器管理员联系。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n%n客户端计算机:%n%t安全 ID:%t%t%t%5%n%t帐户名称:%t%t%t%6%n%t完全限定的帐户名称:%t%7%n%t被调用站标识符:%t%t%8%n%t调用站标识符:%t%t%9%n%nNAS:%n%tNAS IPv4 地址:%t%t%10%n%tNAS IPv6 地址:%t%t%11%n%tNAS 标识符:%t%t%t%12%n%tNAS 端口类型:%t%t%t%13%n%tNAS 端口:%t%t%t%14%n%nRADIUS 客户端:%n%t客户端友好名称:%t%t%15%n%t客户端 IP 地址:%t%t%t%16%n%n身份验证详细信息:%n%t连接请求策略名称:%t%17%n%t网络策略名称:%t%t%18%n%t身份验证提供程序:%t%t%19%n%t身份验证服务器:%t%t%20%n%t身份验证类型:%t%t%21%n%tEAP 类型:%t%t%t%22%n%t帐户会话标识符:%t%t%23%n%t原因代码:%t%t%t%24%n%t原因:%t%t%t%t%25%n |
Network Policy Server discarded the request for a user.%n%nContact the Network Policy Server administrator for more information.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n%nClient Machine:%n%tSecurity ID:%t%t%t%5%n%tAccount Name:%t%t%t%6%n%tFully Qualified Account Name:%t%7%n%tCalled Station Identifier:%t%t%8%n%tCalling Station Identifier:%t%t%9%n%nNAS:%n%tNAS IPv4 Address:%t%t%10%n%tNAS IPv6 Address:%t%t%11%n%tNAS Identifier:%t%t%t%12%n%tNAS Port-Type:%t%t%t%13%n%tNAS Port:%t%t%t%14%n%nRADIUS Client:%n%tClient Friendly Name:%t%t%15%n%tClient IP Address:%t%t%t%16%n%nAuthentication Details:%n%tConnection Request Policy Name:%t%17%n%tNetwork Policy Name:%t%t%18%n%tAuthentication Provider:%t%t%19%n%tAuthentication Server:%t%t%20%n%tAuthentication Type:%t%t%21%n%tEAP Type:%t%t%t%22%n%tAccount Session Identifier:%t%t%23%n%tReason Code:%t%t%t%24%n%tReason:%t%t%t%t%25%n |
| 0x1883 | 网络策略服务器已放弃某个用户的记帐请求。%n%n有关详细信息,请与网络策略服务器管理员联系。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n%n客户端计算机:%n%t安全 ID:%t%t%t%5%n%t帐户名称:%t%t%t%6%n%t完全限定的帐户名称:%t%7%n%t被调用站标识符:%t%t%8%n%t调用站标识符:%t%t%9%n%nNAS:%n%tNAS IPv4 地址:%t%t%10%n%tNAS IPv6 地址:%t%t%11%n%tNAS 标识符:%t%t%t%12%n%tNAS 端口类型:%t%t%t%13%n%tNAS 端口:%t%t%t%14%n%nRADIUS 客户端:%n%t客户端友好名称:%t%t%15%n%t客户端 IP 地址:%t%t%t%16%n%n身份验证详细信息:%n%t连接请求策略名称:%t%17%n%t网络策略名称:%t%t%18%n%t身份验证提供程序:%t%t%19%n%t身份验证服务器:%t%t%20%n%t身份验证类型:%t%t%21%n%tEAP 类型:%t%t%t%22%n%t帐户会话标识符:%t%t%23%n%t原因代码:%t%t%t%24%n%t原因:%t%t%t%t%25%n |
Network Policy Server discarded the accounting request for a user.%n%nContact the Network Policy Server administrator for more information.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n%nClient Machine:%n%tSecurity ID:%t%t%t%5%n%tAccount Name:%t%t%t%6%n%tFully Qualified Account Name:%t%7%n%tCalled Station Identifier:%t%t%8%n%tCalling Station Identifier:%t%t%9%n%nNAS:%n%tNAS IPv4 Address:%t%t%10%n%tNAS IPv6 Address:%t%t%11%n%tNAS Identifier:%t%t%t%12%n%tNAS Port-Type:%t%t%t%13%n%tNAS Port:%t%t%t%14%n%nRADIUS Client:%n%tClient Friendly Name:%t%t%15%n%tClient IP Address:%t%t%t%16%n%nAuthentication Details:%n%tConnection Request Policy Name:%t%17%n%tNetwork Policy Name:%t%t%18%n%tAuthentication Provider:%t%t%19%n%tAuthentication Server:%t%t%20%n%tAuthentication Type:%t%t%21%n%tEAP Type:%t%t%t%22%n%tAccount Session Identifier:%t%t%23%n%tReason Code:%t%t%t%24%n%tReason:%t%t%t%t%25%n |
| 0x1884 | 网络策略服务器已隔离某个用户。%n%n有关详细信息,请与网络策略服务器管理员联系。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n%n客户端计算机:%n%t安全 ID:%t%t%t%5%n%t帐户名称:%t%t%t%6%n%t完全限定的帐户名称:%t%7%n%tOS 版本:%t%t%t%8%n%t被调用站标识符:%t%t%9%n%t调用站标识符:%t%t%10%n%nNAS:%n%tNAS IPv4 地址:%t%t%11%n%tNAS IPv6 地址:%t%t%12%n%tNAS 标识符:%t%t%t%13%n%tNAS 端口类型:%t%t%t%14%n%tNAS 端口:%t%t%t%15%n%nRADIUS 客户端:%n%t客户端友好名称:%t%t%16%n%t客户端 IP 地址:%t%t%t%17%n%n身份验证详细信息:%n%t连接请求策略名称:%t%18%n%t网络策略名称:%t%t%19%n%t身份验证提供程序:%t%t%20%n%t身份验证服务器:%t%t%21%n%t身份验证类型:%t%t%22%n%tEAP 类型:%t%t%t%23%n%t帐户会话标识符:%t%t%24%n%n隔离信息:%n%t结果:%t%t%t%t%25%n%t扩展结果:%t%t%t%26%n%t会话标识符:%t%t%t%27%n%t帮助 URL:%t%t%t%28%n%t系统健康验证程序结果:%t%29%n |
Network Policy Server quarantined a user.%n%nContact the Network Policy Server administrator for more information.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n%nClient Machine:%n%tSecurity ID:%t%t%t%5%n%tAccount Name:%t%t%t%6%n%tFully Qualified Account Name:%t%7%n%tOS-Version:%t%t%t%8%n%tCalled Station Identifier:%t%t%9%n%tCalling Station Identifier:%t%t%10%n%nNAS:%n%tNAS IPv4 Address:%t%t%11%n%tNAS IPv6 Address:%t%t%12%n%tNAS Identifier:%t%t%t%13%n%tNAS Port-Type:%t%t%t%14%n%tNAS Port:%t%t%t%15%n%nRADIUS Client:%n%tClient Friendly Name:%t%t%16%n%tClient IP Address:%t%t%t%17%n%nAuthentication Details:%n%tConnection Request Policy Name:%t%18%n%tNetwork Policy Name:%t%t%19%n%tAuthentication Provider:%t%t%20%n%tAuthentication Server:%t%t%21%n%tAuthentication Type:%t%t%22%n%tEAP Type:%t%t%t%23%n%tAccount Session Identifier:%t%t%24%n%nQuarantine Information:%n%tResult:%t%t%t%t%25%n%tExtended-Result:%t%t%t%26%n%tSession Identifier:%t%t%t%27%n%tHelp URL:%t%t%t%28%n%tSystem Health Validator Result(s):%t%29%n |
| 0x1885 | 网络策略服务器已授予对某个用户的访问权限,但将其置于试用状态,因为主机未满足定义的健康策略。%n%n有关详细信息,请与网络策略服务器管理员联系。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n%n客户端计算机:%n%t安全 ID:%t%t%t%5%n%t帐户名称:%t%t%t%6%n%t完全限定的帐户名称:%t%7%n%tOS 版本:%t%t%t%8%n%t被调用站标识符:%t%t%9%n%t调用站标识符:%t%t%10%n%nNAS:%n%tNAS IPv4 地址:%t%t%11%n%tNAS IPv6 地址:%t%t%12%n%tNAS 标识符:%t%t%t%13%n%tNAS 端口类型:%t%t%t%14%n%tNAS 端口:%t%t%t%15%n%nRADIUS 客户端:%n%t客户端友好名称:%t%t%16%n%t客户端 IP 地址:%t%t%t%17%n%n身份验证详细信息:%n%t连接请求策略名称:%t%18%n%t网络策略名称:%t%t%19%n%t身份验证提供程序:%t%t%20%n%t身份验证服务器:%t%t%21%n%t身份验证类型:%t%t%22%n%tEAP 类型:%t%t%t%23%n%t帐户会话标识符:%t%t%24%n%n隔离信息:%n%t结果:%t%t%t%t%25%n%t扩展结果:%t%t%t%26%n%t会话标识符:%t%t%t%27%n%t帮助 URL:%t%t%t%28%n%t系统健康验证程序结果:%t%29%n%t隔离宽限期:%t%t%30%n |
Network Policy Server granted access to a user but put it on probation because the host did not meet the defined health policy.%n%nContact the Network Policy Server administrator for more information.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n%nClient Machine:%n%tSecurity ID:%t%t%t%5%n%tAccount Name:%t%t%t%6%n%tFully Qualified Account Name:%t%7%n%tOS-Version:%t%t%t%8%n%tCalled Station Identifier:%t%t%9%n%tCalling Station Identifier:%t%t%10%n%nNAS:%n%tNAS IPv4 Address:%t%t%11%n%tNAS IPv6 Address:%t%t%12%n%tNAS Identifier:%t%t%t%13%n%tNAS Port-Type:%t%t%t%14%n%tNAS Port:%t%t%t%15%n%nRADIUS Client:%n%tClient Friendly Name:%t%t%16%n%tClient IP Address:%t%t%t%17%n%nAuthentication Details:%n%tConnection Request Policy Name:%t%18%n%tNetwork Policy Name:%t%t%19%n%tAuthentication Provider:%t%t%20%n%tAuthentication Server:%t%t%21%n%tAuthentication Type:%t%t%22%n%tEAP Type:%t%t%t%23%n%tAccount Session Identifier:%t%t%24%n%nQuarantine Information:%n%tResult:%t%t%t%t%25%n%tExtended-Result:%t%t%t%26%n%tSession Identifier:%t%t%t%27%n%tHelp URL:%t%t%t%28%n%tSystem Health Validator Result(s):%t%29%n%tQuarantine Grace Time:%t%t%30%n |
| 0x1886 | 网络策略服务器已授予某个用户完全访问权限,因为主机已满足定义的健康策略。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n%n客户端计算机:%n%t安全 ID:%t%t%t%5%n%t帐户名称:%t%t%t%6%n%t完全限定的帐户名称:%t%7%n%tOS 版本:%t%t%t%8%n%t被调用站标识符:%t%t%9%n%t调用站标识符:%t%t%10%n%nNAS:%n%tNAS IPv4 地址:%t%t%11%n%tNAS IPv6 地址:%t%t%12%n%tNAS 标识符:%t%t%t%13%n%tNAS 端口类型:%t%t%t%14%n%tNAS 端口:%t%t%t%15%n%nRADIUS 客户端:%n%t客户端友好名称:%t%t%16%n%t客户端 IP 地址:%t%t%t%17%n%n身份验证详细信息:%n%t连接请求策略名称:%t%18%n%t网络策略名称:%t%t%19%n%t身份验证提供程序:%t%t%20%n%t身份验证服务器:%t%t%21%n%t身份验证类型:%t%t%22%n%tEAP 类型:%t%t%t%23%n%t帐户会话标识符:%t%t%24%n%n隔离信息:%n%t结果:%t%t%t%t%25%n%t扩展结果:%t%t%t%26%n%t会话标识符:%t%t%t%27%n%t帮助 URL:%t%t%t%28%n%t系统健康验证程序结果:%t%29%n |
Network Policy Server granted full access to a user because the host met the defined health policy.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n%nClient Machine:%n%tSecurity ID:%t%t%t%5%n%tAccount Name:%t%t%t%6%n%tFully Qualified Account Name:%t%7%n%tOS-Version:%t%t%t%8%n%tCalled Station Identifier:%t%t%9%n%tCalling Station Identifier:%t%t%10%n%nNAS:%n%tNAS IPv4 Address:%t%t%11%n%tNAS IPv6 Address:%t%t%12%n%tNAS Identifier:%t%t%t%13%n%tNAS Port-Type:%t%t%t%14%n%tNAS Port:%t%t%t%15%n%nRADIUS Client:%n%tClient Friendly Name:%t%t%16%n%tClient IP Address:%t%t%t%17%n%nAuthentication Details:%n%tConnection Request Policy Name:%t%18%n%tNetwork Policy Name:%t%t%19%n%tAuthentication Provider:%t%t%20%n%tAuthentication Server:%t%t%21%n%tAuthentication Type:%t%t%22%n%tEAP Type:%t%t%t%23%n%tAccount Session Identifier:%t%t%24%n%nQuarantine Information:%n%tResult:%t%t%t%t%25%n%tExtended-Result:%t%t%t%26%n%tSession Identifier:%t%t%t%27%n%tHelp URL:%t%t%t%28%n%tSystem Health Validator Result(s):%t%29%n |
| 0x1887 | 网络策略服务器已锁定用户帐户,因为身份验证尝试重复失败。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n |
Network Policy Server locked the user account due to repeated failed authentication attempts.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n |
| 0x1888 | 网络策略服务器已解锁用户帐户。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n |
Network Policy Server unlocked the user account.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n |
| 0x1889 | 代码完整性已确定映像文件的页面哈希无效。此文件没有使用页面哈希正确签名或由于未经授权的修改而被损坏。无效的哈希可能表明潜在的磁盘设备错误。%n%n文件名:%t%1%t |
Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error.%n%nFile Name:%t%1%t |
| 0x1900 | BranchCache: 发现内容可用时收到了一个格式错误的响应。%n%n发送该响应的客户端的 IP 地址:%t%t%t%1%n%t%n |
BranchCache: Received an incorrectly formatted response while discovering availability of content. %n%nIP address of the client that sent this response:%t%t%t%1%n%t%n |
| 0x1901 | BranchCache: 从对等方收到无效数据。丢弃数据。%n%n发送该数据的客户端的 IP 地址:%t%t%t%1%n%t%n |
BranchCache: Received invalid data from a peer. Data discarded. %n%nIP address of the client that sent this data:%t%t%t%1%n%t%n |
| 0x1902 | BranchCache: 为其提供数据的托管缓存的消息格式不正确。%n%n发送该消息的客户端的 IP 地址: %t%t%t%1%n%t%n |
BranchCache: The message to the hosted cache offering it data is incorrectly formatted. %n%nIP address of the client that sent this message: %t%t%t%1%n%t%n |
| 0x1903 | BranchCache: 托管缓存向客户端的消息发送了一个格式不正确的响应以为其提供数据。%n%n托管缓存的域名为:%t%t%t%1%n%t%n |
BranchCache: The hosted cache sent an incorrectly formatted response to the client's message to offer it data. %n%nDomain name of the hosted cache is:%t%t%t%1%n%t%n |
| 0x1904 | BranchCache: 无法使用预配的 SSL 证书对托管缓存进行身份验证。%n%n托管缓存的域名:%t%t%t%1%n%t%n错误代码:%t%t%t%2%n%t%n |
BranchCache: Hosted cache could not be authenticated using the provisioned SSL certificate. %n%nDomain name of the hosted cache:%t%t%t%1%n%t%nError Code:%t%t%t%2%n%t%n |
| 0x1905 | BranchCache: 出现了事件 ID 为 %1 的 %2 个实例。%n |
BranchCache: %2 instance(s) of event id %1 occurred.%n |
| 0x1906 | %1 已注册到 Windows 防火墙以控制以下内容的筛选: %n%2。 |
%1 registered to Windows Firewall to control filtering for the following: %n%2. |
| 0x1908 | 注册的产品 %1 失败并且现在 Windows 防火墙正在控制 %2 的筛选。 |
Registered product %1 failed and Windows Firewall is now controlling the filtering for %2. |
| 0x1909 | BranchCache: 无法分析某个服务连接点对象。%n%nSCP 对象 GUID: %1 |
BranchCache: A service connection point object could not be parsed. %n%nSCP object GUID: %1 |
| 0x190A | 代码完整性已确定某个文件不符合安全要求,无法加载到进程中。这可能是由于使用共享区域或其他问题导致的。%n%n文件名:%t%1%t |
Code integrity determined that a file does not meet the security requirements to load into a process. This could be due to the use of shared sections or other issues.%n%nFile Name:%t%1%t |
| 0x1910 | 系统已识别新的外部设备。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n设备 ID:%t%5%n%n设备名称:%t%6%n%n类 ID:%t%t%7%n%n类名称:%t%8%n%n供应商 ID:%t%9%n%n兼容 ID:%t%10%n%n位置信息:%t%11 |
A new external device was recognized by the system.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nDevice ID:%t%5%n%nDevice Name:%t%6%n%nClass ID:%t%t%7%n%nClass Name:%t%8%n%nVendor IDs:%t%9%n%nCompatible IDs:%t%10%n%nLocation Information:%t%11 |
| 0x1911 | FIPS 模式加密自检成功。%n%n%t进程 ID:%t%t%1%n%t处理名称:%t%t%2 |
The FIPS mode crypto selftests succeeded.%n%n%tProcess ID:%t%t%1%n%tProcess Name:%t%t%2 |
| 0x1912 | FIPS 模式加密自检失败。%n%n%t进程 ID:%t%t%1%n%t进程名称:%t%t%2%n%t失败测试代码:%t%t%3 |
The FIPS mode crypto selftests failed.%n%n%tProcess ID:%t%t%1%n%tProcess Name:%t%t%2%n%tFailed test code:%t%t%3 |
| 0x1913 | 已发出禁用设备的请求。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n设备 ID:%t%5%n%n设备名称:%t%6%n%n类 ID:%t%t%7%n%n类名称:%t%8%n%n硬件 ID:%t%9%n%n兼容 ID:%t%10%n%n位置信息:%t%11 |
A request was made to disable a device.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nDevice ID:%t%5%n%nDevice Name:%t%6%n%nClass ID:%t%t%7%n%nClass Name:%t%8%n%nHardware IDs:%t%9%n%nCompatible IDs:%t%10%n%nLocation Information:%t%11 |
| 0x1914 | 设备已禁用。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n设备 ID:%t%5%n%n设备名称:%t%6%n%n类 ID:%t%t%7%n%n类名称:%t%8%n%n硬件 ID:%t%9%n%n兼容 ID:%t%10%n%n位置信息:%t%11 |
A device was disabled.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nDevice ID:%t%5%n%nDevice Name:%t%6%n%nClass ID:%t%t%7%n%nClass Name:%t%8%n%nHardware IDs:%t%9%n%nCompatible IDs:%t%10%n%nLocation Information:%t%11 |
| 0x1915 | 已发出启用设备的请求。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n设备 ID:%t%5%n%n设备名称:%t%6%n%n类 ID:%t%t%7%n%n类名称:%t%8%n%n硬件 ID:%t%9%n%n兼容 ID:%t%10%n%n位置信息:%t%11 |
A request was made to enable a device.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nDevice ID:%t%5%n%nDevice Name:%t%6%n%nClass ID:%t%t%7%n%nClass Name:%t%8%n%nHardware IDs:%t%9%n%nCompatible IDs:%t%10%n%nLocation Information:%t%11 |
| 0x1916 | 设备已启用。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n设备 ID:%t%5%n%n设备名称:%t%6%n%n类 ID:%t%t%7%n%n类名称:%t%8%n%n硬件 ID:%t%9%n%n兼容 ID:%t%10%n%n位置信息:%t%11 |
A device was enabled.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nDevice ID:%t%5%n%nDevice Name:%t%6%n%nClass ID:%t%t%7%n%nClass Name:%t%8%n%nHardware IDs:%t%9%n%nCompatible IDs:%t%10%n%nLocation Information:%t%11 |
| 0x1917 | 系统策略禁止安装此设备。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n设备 ID:%t%5%n%n设备名称:%t%6%n%n类 ID:%t%t%7%n%n类名称:%t%8%n%n硬件 ID:%t%9%n%n兼容 ID:%t%10%n%n位置信息:%t%11 |
The installation of this device is forbidden by system policy.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nDevice ID:%t%5%n%nDevice Name:%t%6%n%nClass ID:%t%t%7%n%nClass Name:%t%8%n%nHardware IDs:%t%9%n%nCompatible IDs:%t%10%n%nLocation Information:%t%11 |
| 0x1918 | 此设备的安装在之前被策略禁止后,现已得到允许。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n设备 ID:%t%5%n%n设备名称:%t%6%n%n类 ID:%t%t%7%n%n类名称:%t%8%n%n硬件 ID:%t%9%n%n兼容 ID:%t%10%n%n位置信息:%t%11 |
The installation of this device was allowed, after having previously been forbidden by policy.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nDevice ID:%t%5%n%nDevice Name:%t%6%n%nClass ID:%t%t%7%n%nClass Name:%t%8%n%nHardware IDs:%t%9%n%nCompatible IDs:%t%10%n%nLocation Information:%t%11 |
| 0x1FFF | 最高系统-定义的审核消息值。 |
Highest System-Defined Audit Message Value. |
| 0x30000000 | 信息 |
Info |
| 0x70003000 | 安全状态更改 |
Security State Change |
| 0x70003001 | 安全系统扩展 |
Security System Extension |
| 0x70003002 | 系统完整性 |
System Integrity |
| 0x70003003 | IPsec 驱动程序 |
IPsec Driver |
| 0x70003004 | 其他系统事件 |
Other System Events |
| 0x70003100 | 登录 |
Logon |
| 0x70003101 | 注销 |
Logoff |
| 0x70003102 | 帐户锁定 |
Account Lockout |
| 0x70003103 | IPsec 主模式 |
IPsec Main Mode |
| 0x70003104 | 特殊登录 |
Special Logon |
| 0x70003105 | IPsec 快速模式 |
IPsec Quick Mode |
| 0x70003106 | IPsec 扩展模式 |
IPsec Extended Mode |
| 0x70003107 | 其他登录/注销事件 |
Other Logon/Logoff Events |
| 0x70003108 | 网络策略服务器 |
Network Policy Server |
| 0x70003109 | 用户/设备声明 |
User / Device Claims |
| 0x7000310A | 组成员身份 |
Group Membership |
| 0x70003200 | 文件系统 |
File System |
| 0x70003201 | 注册表 |
Registry |
| 0x70003202 | 内核对象 |
Kernel Object |
| 0x70003203 | SAM |
SAM |
| 0x70003204 | 其他对象访问事件 |
Other Object Access Events |
| 0x70003205 | 证书服务 |
Certification Services |
| 0x70003206 | 已生成应用程序 |
Application Generated |
| 0x70003207 | 句柄操作 |
Handle Manipulation |
| 0x70003208 | 文件共享 |
File Share |
| 0x70003209 | 筛选平台数据包丢弃 |
Filtering Platform Packet Drop |
| 0x7000320A | 筛选平台连接 |
Filtering Platform Connection |
| 0x7000320B | 详细的文件共享 |
Detailed File Share |
| 0x7000320C | 可移动存储 |
Removable Storage |
| 0x7000320D | 中心访问策略暂存 |
Central Access Policy Staging |
| 0x70003300 | 敏感权限使用 |
Sensitive Privilege Use |
| 0x70003301 | 非敏感权限使用 |
Non Sensitive Privilege Use |
| 0x70003302 | 其他权限使用事件 |
Other Privilege Use Events |
| 0x70003400 | 进程创建 |
Process Creation |
| 0x70003401 | 进程终止 |
Process Termination |
| 0x70003402 | DPAPI 活动 |
DPAPI Activity |
| 0x70003403 | RPC 事件 |
RPC Events |
| 0x70003404 | “即插即用”事件 |
Plug and Play Events |
| 0x70003405 | 令牌权限已调整事件 |
Token Right Adjusted Events |
| 0x70003500 | 审核策略更改 |
Audit Policy Change |
| 0x70003501 | 身份验证策略更改 |
Authentication Policy Change |
| 0x70003502 | 授权策略更改 |
Authorization Policy Change |
| 0x70003503 | MPSSVC 规则级别策略更改 |
MPSSVC Rule-Level Policy Change |
| 0x70003504 | 筛选平台策略更改 |
Filtering Platform Policy Change |
| 0x70003505 | 其他策略更改事件 |
Other Policy Change Events |
| 0x70003600 | 用户帐户管理 |
User Account Management |
| 0x70003601 | 计算机帐户管理 |
Computer Account Management |
| 0x70003602 | 安全组管理 |
Security Group Management |
| 0x70003603 | 分发组管理 |
Distribution Group Management |
| 0x70003604 | 应用程序组管理 |
Application Group Management |
| 0x70003605 | 其他帐户管理事件 |
Other Account Management Events |
| 0x70003700 | 目录服务访问 |
Directory Service Access |
| 0x70003701 | 目录服务更改 |
Directory Service Changes |
| 0x70003702 | 目录服务复制 |
Directory Service Replication |
| 0x70003703 | 详细的目录服务复制 |
Detailed Directory Service Replication |
| 0x70003800 | 凭据验证 |
Credential Validation |
| 0x70003801 | Kerberos 服务票证操作 |
Kerberos Service Ticket Operations |
| 0x70003802 | 其他帐户登录事件 |
Other Account Logon Events |
| 0x70003803 | Kerberos 身份验证服务 |
Kerberos Authentication Service |
| 0x7000FF00 | 无法确定子类别 |
Subcategory could not be determined |
| 0x90000001 | Microsoft Windows security auditing. |
Microsoft Windows security auditing. |
| 0x90000002 | Security |
Security |
| 0xB0001208 | 已更改系统时间。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n进程信息:%n%t进程 ID:%t%9%n%t名称:%t%t%10%n%n上一时间:%t%t%6 %5%n新时间:%t%t%8 %7%n%n在系统时间更改时生成此事件。这对于 Windows 时间服务属正常情况,该服务以系统特权运行,以定期更改系统时间。其他的系统时间更改意味着对计算机的破坏。 |
The system time was changed.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nProcess Information:%n%tProcess ID:%t%9%n%tName:%t%t%10%n%nPrevious Time:%t%t%6 %5%nNew Time:%t%t%8 %7%n%nThis event is generated when the system time is changed. It is normal for the Windows Time Service, which runs with System privilege, to change the system time on a regular basis. Other system time changes may be indicative of attempts to tamper with the computer. |
| 0xB0001210 | 已成功登录帐户。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n登录类型:%t%t%t%9%n%n新登录:%n%t安全 ID:%t%t%5%n%t帐户名:%t%t%6%n%t帐户域:%t%t%7%n%t登录 ID:%t%t%8%n%t登录 GUID:%t%t%13%n%n进程信息:%n%t进程 ID:%t%t%17%n%t进程名:%t%t%18%n%n网络信息:%n%t工作站名:%t%12%n%t源网络地址:%t%19%n%t源端口:%t%t%20%n%n详细身份验证信息:%n%t登录进程:%t%t%10%n%t身份验证数据包:%t%11%n%t传递的服务:%t%14%n%t数据包名(仅限 NTLM):%t%15%n%t密钥长度:%t%t%16%n%n创建登录会话后,在被访问的计算机上生成此事件。%n%n“使用者”字段指明本地系统上请求登录的帐户。这通常是一个服务(例如 Server 服务)或本地进程(例如 Winlogon.exe 或 Services.exe)。%n%n“登录类型”字段指明发生的登录种类。最常见的类型是 2 (交互式)和 3 (网络)。%n%n“新登录”字段指明新登录是为哪个帐户创建的,即登录的帐户。%n%n“网络”字段指明远程登录请求来自哪里。“工作站名”并非总是可用,而且在某些情况下可能会留为空白。%n%n模拟级别字段指明登录会话中的进程可以模拟的程度。%n%n“身份验证信息”字段提供关于此特定登录请求的详细信息。%n%t-“登录 GUID”是可用于将此事件与 KDC 事件关联起来的唯一标识符。%n%t-“传递的服务”指明哪些中间服务参与了此登录请求。%n%t- “数据包名”指明在 NTLM 协议之间使用了哪些子协议。%n%t-“密钥长度”指明生成的会话密钥的长度。如果没有请求会话密钥,则此字段为 0。 |
An account was successfully logged on.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nLogon Type:%t%t%t%9%n%nNew Logon:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%6%n%tAccount Domain:%t%t%7%n%tLogon ID:%t%t%8%n%tLogon GUID:%t%t%13%n%nProcess Information:%n%tProcess ID:%t%t%17%n%tProcess Name:%t%t%18%n%nNetwork Information:%n%tWorkstation Name:%t%12%n%tSource Network Address:%t%19%n%tSource Port:%t%t%20%n%nDetailed Authentication Information:%n%tLogon Process:%t%t%10%n%tAuthentication Package:%t%11%n%tTransited Services:%t%14%n%tPackage Name (NTLM only):%t%15%n%tKey Length:%t%t%16%n%nThis event is generated when a logon session is created. It is generated on the computer that was accessed.%n%nThe subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.%n%nThe logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).%n%nThe New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.%n%nThe network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.%n%nThe impersonation level field indicates the extent to which a process in the logon session can impersonate.%n%nThe authentication information fields provide detailed information about this specific logon request.%n%t- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.%n%t- Transited services indicate which intermediate services have participated in this logon request.%n%t- Package name indicates which sub-protocol was used among the NTLM protocols.%n%t- Key length indicates the length of the generated session key. This will be 0 if no session key was requested. |
| 0xB000122E | IPsec 快速模式协商失败。%n%n本地终结点:%n%t网络地址:%t%1%n%t网络地址掩码:%t%2%n%t端口:%t%t%t%3%n%t隧道终结点:%t%t%4%n%n远程终结点:%n%t网络地址:%t%5%n%t地址掩码:%t%t%6%n%t端口:%t%t%t%7%n%t隧道终结点:%t%t%8%n%t专用地址:%t%t%10%n%n附加信息:%n%t协议:%t%t%9%n%t键控模块名称:%t%11%n%t模式:%t%t%t%14%n%t角色:%t%t%t%16%n%t快速模式筛选器 ID:%t%18%n%t主模式 SA ID:%t%19%n%n失败信息:%n%t状态:%t%t%t%15%n%t消息 ID:%t%t%17%n%t失败点:%t%t%12%n%t失败原因:%t%t%13 |
An IPsec quick mode negotiation failed.%n%nLocal Endpoint:%n%tNetwork Address:%t%1%n%tNetwork Address mask:%t%2%n%tPort:%t%t%t%3%n%tTunnel Endpoint:%t%t%4%n%nRemote Endpoint:%n%tNetwork Address:%t%5%n%tAddress Mask:%t%t%6%n%tPort:%t%t%t%7%n%tTunnel Endpoint:%t%t%8%n%tPrivate Address:%t%t%10%n%nAdditional Information:%n%tProtocol:%t%t%9%n%tKeying Module Name:%t%11%n%tMode:%t%t%t%14%n%tRole:%t%t%t%16%n%tQuick Mode Filter ID:%t%18%n%tMain Mode SA ID:%t%19%n%nFailure Information:%n%tState:%t%t%t%15%n%tMessage ID:%t%t%17%n%tFailure Point:%t%t%12%n%tFailure Reason:%t%t%13 |
| 0xB0001230 | 已请求到对象的句柄。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%t%5%n%t对象类型:%t%t%6%n%t对象名:%t%t%7%n%t句柄 ID:%t%t%8%n%n进程信息:%n%t进程 ID:%t%t%14%n%t进程名:%t%t%15%n%n访问请求信息:%n%t事务 ID:%t%t%9%n%t访问:%t%t%10%n%t访问掩码:%t%t%11%n%t用于访问检查的特权:%t%12%n%t受限 SID 计数:%t%13 |
A handle to an object was requested.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%t%5%n%tObject Type:%t%t%6%n%tObject Name:%t%t%7%n%tHandle ID:%t%t%8%n%nProcess Information:%n%tProcess ID:%t%t%14%n%tProcess Name:%t%t%15%n%nAccess Request Information:%n%tTransaction ID:%t%t%9%n%tAccesses:%t%t%10%n%tAccess Mask:%t%t%11%n%tPrivileges Used for Access Check:%t%12%n%tRestricted SID Count:%t%13 |
| 0xB0001235 | 请求某个对象的句柄。%n%n主题:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%5%n%t对象类型:%t%6%n%t对象名称:%t%7%n%t句柄 ID:%t%8%n%n进程信息:%n%t进程 ID:%t%15%n%t进程名称:%t%16%n%n访问请求信息:%n%t事务 ID:%t%9%n%t访问次数:%t%10%n%t访问掩码:%t%11%n%t用于访问检查的权限:%t%12%n%t属性:%t%13%n%t受限 SID 计数:%t%14 |
A handle to an object was requested.%n%nSubject :%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%5%n%tObject Type:%t%6%n%tObject Name:%t%7%n%tHandle ID:%t%8%n%nProcess Information:%n%tProcess ID:%t%15%n%tProcess Name:%t%16%n%nAccess Request Information:%n%tTransaction ID:%t%9%n%tAccesses:%t%10%n%tAccess Mask:%t%11%n%tPrivileges Used for Access Check:%t%12%n%tProperties:%t%13%n%tRestricted SID Count:%t%14 |
| 0xB0001237 | 试图访问对象。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n对象:%n%t对象服务器:%t%5%n%t对象类型:%t%6%n%t对象名:%t%7%n%t句柄 ID:%t%8%n%n进程信息:%n%t进程 ID:%t%11%n%t进程名:%t%12%n%n访问请求信息:%n%t访问:%t%9%n%t访问掩码:%t%10 |
An attempt was made to access an object.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nObject:%n%tObject Server:%t%5%n%tObject Type:%t%6%n%tObject Name:%t%7%n%tHandle ID:%t%8%n%nProcess Information:%n%tProcess ID:%t%11%n%tProcess Name:%t%12%n%nAccess Request Information:%n%tAccesses:%t%9%n%tAccess Mask:%t%10 |
| 0xB0001250 | 已创建新进程。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n进程信息:%n%t新进程 ID:%t%t%5%n%t新进程名称:%t%6%n%t令牌提升类型:%t%7%n%t创建者进程 ID:%t%8%n%n“令牌提升类型”指示按照用户帐户控制策略分配给新进程的令牌类型。%n%n类型 1 是未删除特权或禁用组的完全令牌。完全令牌只有在用户帐户控制已禁用或者用户是内置管理员帐户或服务帐户的情况下才使用。%n%n类型 2 是未删除特权或禁用组的提升令牌。当启用了用户帐户控制并且用户选择使用“以管理员身份运行”启动程序时,会使用提升令牌。当应用程序已配置为始终需要管理特权或始终需要最高特权并且用户是管理员组的成员时,也会使用提升令牌。%n%n类型 3 是删除了管理特权并禁用了管理组的受限令牌。当启用了用户帐户控制,应用程序不需要管理特权并且用户未选择使用“以管理员身份运行”启动程序时,会使用受限令牌。 |
A new process has been created.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nProcess Information:%n%tNew Process ID:%t%t%5%n%tNew Process Name:%t%6%n%tToken Elevation Type:%t%7%n%tCreator Process ID:%t%8%n%nToken Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.%n%nType 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.%n%nType 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.%n%nType 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator. |
| 0xB0001278 | 已向启用了安全性的全局组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was added to a security-enabled global group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0xB000127C | 已向启用了安全性的本地组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was added to a security-enabled local group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0xB000128A | 已向禁用了安全性的本地组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was added to a security-disabled local group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0xB000128F | 已向禁用了安全性的全局组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was added to a security-disabled global group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0xB0001294 | 已向启用了安全性的通用组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t帐户名称:%t%t%3%n%t帐户域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was added to a security-enabled universal group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%3%n%tAccount Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0xB0001299 | 已向禁用了安全性的通用组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was added to a security-disabled universal group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0xB00012B1 | 已向基本应用程序组中添加某个成员。%n%n使用者:%n%t安全 ID:%t%t%6%n%t帐户名称:%t%t%7%n%t帐户域:%t%t%8%n%t登录 ID:%t%t%9%n%n成员:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%1%n%n组:%n%t安全 ID:%t%t%5%n%t组名:%t%t%3%n%t组域:%t%t%4%n%n附加信息:%n%t特权:%t%t%10 |
A member was added to a basic application group.%n%nSubject:%n%tSecurity ID:%t%t%6%n%tAccount Name:%t%t%7%n%tAccount Domain:%t%t%8%n%tLogon ID:%t%t%9%n%nMember:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%1%n%nGroup:%n%tSecurity ID:%t%t%5%n%tGroup Name:%t%t%3%n%tGroup Domain:%t%t%4%n%nAdditional Information:%n%tPrivileges:%t%t%10 |
| 0xB0001405 | 请求已提交到 OCSP 响应程序服务。 |
A request was submitted to OCSP Responder Service. |
| 0xB0001414 | 已访问网络共享对象。%n%t%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t访问域:%t%t%3%n%t登录 ID:%t%t%4%n%n网络信息:%t%n%t源地址:%t%t%5%n%t源端口:%t%t%6%n%t%n共享名称:%t%t%t%7 |
A network share object was accessed.%n%t%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nNetwork Information:%t%n%tSource Address:%t%t%5%n%tSource Port:%t%t%6%n%t%nShare Name:%t%t%t%7 |
| 0xB000154B | 已建立 IPSec 快速模式安全关联。%n%t%n本地终结点:%n%t网络地址:%t%1%n%t网络地址掩码:%t%2%n%t端口:%t%t%t%3%n%t隧道终结点:%t%t%4%n%n远程终结点:%n%t网络地址:%t%5%n%t网络地址掩码:%t%6%n%t端口:%t%t%t%7%n%t专用地址:%t%t%8%n%t隧道终结点:%t%t%9%n%n%t协议:%t%t%10%n%t键控模块名称:%t%11%n%n加密信息:%n%t完整性算法 - AH:%t%12%n%t完整性算法 - ESP:%t%13%n%t加密算法:%t%14%n%n安全关联信息:%n%t生存时间 - 秒:%t%15%n%t生存时间 – 数据:%t%t%16%n%t生存时间 – 数据包:%t%17%n%t模式:%t%t%t%18%n%t角色:%t%t%t%19%n%t快速模式筛选器 ID:%t%20%n%t主模式 SA ID:%t%21%n%t快速模式 SA ID:%t%22%n%n附加信息:%n%t入站 SPI:%t%t%23%n%t出站 SPI:%t%t%24 |
An IPsec quick mode security association was established.%n%t%nLocal Endpoint:%n%tNetwork Address:%t%1%n%tNetwork Address mask:%t%2%n%tPort:%t%t%t%3%n%tTunnel Endpoint:%t%t%4%n%nRemote Endpoint:%n%tNetwork Address:%t%5%n%tNetwork Address Mask:%t%6%n%tPort:%t%t%t%7%n%tPrivate Address:%t%t%8%n%tTunnel Endpoint:%t%t%9%n%n%tProtocol:%t%t%10%n%tKeying Module Name:%t%11%n%nCryptographic Information:%n%tIntegrity Algorithm - AH:%t%12%n%tIntegrity Algorithm - ESP:%t%13%n%tEncryption Algorithm:%t%14%n%nSecurity Association Information:%n%tLifetime - seconds:%t%15%n%tLifetime - data:%t%t%16%n%tLifetime - packets:%t%17%n%tMode:%t%t%t%18%n%tRole:%t%t%t%19%n%tQuick Mode Filter ID:%t%20%n%tMain Mode SA ID:%t%21%n%tQuick Mode SA ID:%t%22%n%nAdditional Information:%n%tInbound SPI:%t%t%23%n%tOutbound SPI:%t%t%24 |
| 0xB000154C | 已结束 IPSec 快速模式安全关联。%n%t%n本地终结点:%n%t网络地址:%t%1%n%t端口:%t%t%t%2%n%t隧道终结点:%t%t%3%n%n远程终结点:%n%t网络地址:%t%4%n%t端口:%t%t%t%5%n%t隧道终结点:%t%t%6%n%n其他信息:%n%t协议:%t%t%7%n%t快速模式 SA ID:%t%8 |
An IPsec quick mode security association ended.%n%t%nLocal Endpoint:%n%tNetwork Address:%t%1%n%tPort:%t%t%t%2%n%tTunnel Endpoint:%t%t%3%n%nRemote Endpoint:%n%tNetwork Address:%t%4%n%tPort:%t%t%t%5%n%tTunnel Endpoint:%t%t%6%n%nAdditional Information:%n%tProtocol:%t%t%7%n%tQuick Mode SA ID:%t%8 |
| 0xB0001600 | 已请求对无线网络进行身份验证。%n%n使用者:%n%t安全 ID:%t%t%2%n%t帐户名称:%t%t%3%n%t帐户域:%t%t%4%n%t登录 ID:%t%t%5%n%n网络信息:%n%t名称(SSID):%t%t%1%n%t接口 GUID:%t%t%8%n%t本地 MAC 地址:%t%7%n%t对等 MAC 地址:%t%6%n%n其他信息:%n%t原因代码:%t%t%10 (%9)%n%t错误代码:%t%t%11 |
A request was made to authenticate to a wireless network.%n%nSubject:%n%tSecurity ID:%t%t%2%n%tAccount Name:%t%t%3%n%tAccount Domain:%t%t%4%n%tLogon ID:%t%t%5%n%nNetwork Information:%n%tName (SSID):%t%t%1%n%tInterface GUID:%t%t%8%n%tLocal MAC Address:%t%7%n%tPeer MAC Address:%t%6%n%nAdditional Information:%n%tReason Code:%t%t%10 (%9)%n%tError Code:%t%t%11 |
| 0xB0001880 | 网络策略服务器已授予某个用户访问权限。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n%n客户端计算机:%n%t安全 ID:%t%t%t%5%n%t帐户名称:%t%t%t%6%n%t完全限定的帐户名称:%t%7%n%tOS 版本:%t%t%t%8%n%t被调用站标识符:%t%t%9%n%t调用站标识符:%t%t%10%n%nNAS:%n%tNAS IPv4 地址:%t%t%11%n%tNAS IPv6 地址:%t%t%12%n%tNAS 标识符:%t%t%t%13%n%tNAS 端口类型:%t%t%t%14%n%tNAS 端口:%t%t%t%15%n%nRADIUS 客户端:%n%t客户端友好名称:%t%t%16%n%t客户端 IP 地址:%t%t%t%17%n%n身份验证详细信息:%n%t代理策略名称:%t%t%18%n%t网络策略名称:%t%t%19%n%t身份验证提供程序:%t%t%20%n%t身份验证服务器:%t%t%21%n%t身份验证类型:%t%t%22%n%tEAP 类型:%t%t%t%23%n%t帐户会话标识符:%t%t%24%n%n隔离信息:%n%t结果:%t%t%t%t%25%n%t会话标识符:%t%t%t%26%n |
Network Policy Server granted access to a user.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n%nClient Machine:%n%tSecurity ID:%t%t%t%5%n%tAccount Name:%t%t%t%6%n%tFully Qualified Account Name:%t%7%n%tOS-Version:%t%t%t%8%n%tCalled Station Identifier:%t%t%9%n%tCalling Station Identifier:%t%t%10%n%nNAS:%n%tNAS IPv4 Address:%t%t%11%n%tNAS IPv6 Address:%t%t%12%n%tNAS Identifier:%t%t%t%13%n%tNAS Port-Type:%t%t%t%14%n%tNAS Port:%t%t%t%15%n%nRADIUS Client:%n%tClient Friendly Name:%t%t%16%n%tClient IP Address:%t%t%t%17%n%nAuthentication Details:%n%tProxy Policy Name:%t%t%18%n%tNetwork Policy Name:%t%t%19%n%tAuthentication Provider:%t%t%20%n%tAuthentication Server:%t%t%21%n%tAuthentication Type:%t%t%22%n%tEAP Type:%t%t%t%23%n%tAccount Session Identifier:%t%t%24%n%nQuarantine Information:%n%tResult:%t%t%t%t%25%n%tSession Identifier:%t%t%t%26%n |
| 0xB0001881 | 网络策略服务器已拒绝授予某个用户访问权限。%n%n有关详细信息,请与网络策略服务器管理员联系。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n%n客户端计算机:%n%t安全 ID:%t%t%t%5%n%t帐户名称:%t%t%t%6%n%t完全限定的帐户名称:%t%7%n%tOS 版本:%t%t%t%8%n%t被调用站标识符:%t%t%9%n%t调用站标识符:%t%t%10%n%nNAS:%n%tNAS IPv4 地址:%t%t%11%n%tNAS IPv6 地址:%t%t%12%n%tNAS 标识符:%t%t%t%13%n%tNAS 端口类型:%t%t%t%14%n%tNAS 端口:%t%t%t%15%n%nRADIUS 客户端:%n%t客户端友好名称:%t%t%16%n%t客户端 IP 地址:%t%t%t%17%n%n身份验证详细信息:%n%t代理策略名称:%t%t%18%n%t网络策略名称:%t%t%19%n%t身份验证提供程序:%t%t%20%n%t身份验证服务器:%t%t%21%n%t身份验证类型:%t%t%22%n%tEAP 类型:%t%t%t%23%n%t帐户会话标识符:%t%t%24%n%t原因代码:%t%t%t%25%n%t原因:%t%t%t%t%26%n |
Network Policy Server denied access to a user.%n%nContact the Network Policy Server administrator for more information.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n%nClient Machine:%n%tSecurity ID:%t%t%t%5%n%tAccount Name:%t%t%t%6%n%tFully Qualified Account Name:%t%7%n%tOS-Version:%t%t%t%8%n%tCalled Station Identifier:%t%t%9%n%tCalling Station Identifier:%t%t%10%n%nNAS:%n%tNAS IPv4 Address:%t%t%11%n%tNAS IPv6 Address:%t%t%12%n%tNAS Identifier:%t%t%t%13%n%tNAS Port-Type:%t%t%t%14%n%tNAS Port:%t%t%t%15%n%nRADIUS Client:%n%tClient Friendly Name:%t%t%16%n%tClient IP Address:%t%t%t%17%n%nAuthentication Details:%n%tProxy Policy Name:%t%t%18%n%tNetwork Policy Name:%t%t%19%n%tAuthentication Provider:%t%t%20%n%tAuthentication Server:%t%t%21%n%tAuthentication Type:%t%t%22%n%tEAP Type:%t%t%t%23%n%tAccount Session Identifier:%t%t%24%n%tReason Code:%t%t%t%25%n%tReason:%t%t%t%t%26%n |
| 0xB0001882 | 网络策略服务器已放弃某个用户的请求。%n%n有关详细信息,请与网络策略服务器管理员联系。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n%n客户端计算机:%n%t安全 ID:%t%t%t%5%n%t帐户名称:%t%t%t%6%n%t完全限定的帐户名称:%t%7%n%tOS 版本:%t%t%t%8%n%t被调用站标识符:%t%t%9%n%t调用站标识符:%t%t%10%n%nNAS:%n%tNAS IPv4 地址:%t%t%11%n%tNAS IPv6 地址:%t%t%12%n%tNAS 标识符:%t%t%t%13%n%tNAS 端口类型:%t%t%t%14%n%tNAS 端口:%t%t%t%15%n%nRADIUS 客户端:%n%t客户端友好名称:%t%t%16%n%t客户端 IP 地址:%t%t%t%17%n%n身份验证详细信息:%n%t连接请求策略名称:%t%18%n%t网络策略名称:%t%t%19%n%t身份验证提供程序:%t%t%20%n%t身份验证服务器:%t%t%21%n%t身份验证类型:%t%t%22%n%tEAP 类型:%t%t%t%23%n%t帐户会话标识符:%t%t%24%n%t原因代码:%t%t%t%25%n%t原因:%t%t%t%t%26%n |
Network Policy Server discarded the request for a user.%n%nContact the Network Policy Server administrator for more information.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n%nClient Machine:%n%tSecurity ID:%t%t%t%5%n%tAccount Name:%t%t%t%6%n%tFully Qualified Account Name:%t%7%n%tOS-Version:%t%t%t%8%n%tCalled Station Identifier:%t%t%9%n%tCalling Station Identifier:%t%t%10%n%nNAS:%n%tNAS IPv4 Address:%t%t%11%n%tNAS IPv6 Address:%t%t%12%n%tNAS Identifier:%t%t%t%13%n%tNAS Port-Type:%t%t%t%14%n%tNAS Port:%t%t%t%15%n%nRADIUS Client:%n%tClient Friendly Name:%t%t%16%n%tClient IP Address:%t%t%t%17%n%nAuthentication Details:%n%tConnection Request Policy Name:%t%18%n%tNetwork Policy Name:%t%t%19%n%tAuthentication Provider:%t%t%20%n%tAuthentication Server:%t%t%21%n%tAuthentication Type:%t%t%22%n%tEAP Type:%t%t%t%23%n%tAccount Session Identifier:%t%t%24%n%tReason Code:%t%t%t%25%n%tReason:%t%t%t%t%26%n |
| 0xB0001883 | 网络策略服务器已放弃某个用户的记帐请求。%n%n有关详细信息,请与网络策略服务器管理员联系。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n%n客户端计算机:%n%t安全 ID:%t%t%t%5%n%t帐户名称:%t%t%t%6%n%t完全限定的帐户名称:%t%7%n%tOS 版本:%t%t%t%8%n%t被调用站标识符:%t%t%9%n%t调用站标识符:%t%t%10%n%nNAS:%n%tNAS IPv4 地址:%t%t%11%n%tNAS IPv6 地址:%t%t%12%n%tNAS 标识符:%t%t%t%13%n%tNAS 端口类型:%t%t%t%14%n%tNAS 端口:%t%t%t%15%n%nRADIUS 客户端:%n%t客户端友好名称:%t%t%16%n%t客户端 IP 地址:%t%t%t%17%n%n身份验证详细信息:%n%t连接请求策略名称:%t%18%n%t网络策略名称:%t%t%19%n%t身份验证提供程序:%t%t%20%n%t身份验证服务器:%t%t%21%n%t身份验证类型:%t%t%22%n%tEAP 类型:%t%t%t%23%n%t帐户会话标识符:%t%t%24%n%t原因代码:%t%t%t%25%n%t原因:%t%t%t%t%26%n |
Network Policy Server discarded the accounting request for a user.%n%nContact the Network Policy Server administrator for more information.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n%nClient Machine:%n%tSecurity ID:%t%t%t%5%n%tAccount Name:%t%t%t%6%n%tFully Qualified Account Name:%t%7%n%tOS-Version:%t%t%t%8%n%tCalled Station Identifier:%t%t%9%n%tCalling Station Identifier:%t%t%10%n%nNAS:%n%tNAS IPv4 Address:%t%t%11%n%tNAS IPv6 Address:%t%t%12%n%tNAS Identifier:%t%t%t%13%n%tNAS Port-Type:%t%t%t%14%n%tNAS Port:%t%t%t%15%n%nRADIUS Client:%n%tClient Friendly Name:%t%t%16%n%tClient IP Address:%t%t%t%17%n%nAuthentication Details:%n%tConnection Request Policy Name:%t%18%n%tNetwork Policy Name:%t%t%19%n%tAuthentication Provider:%t%t%20%n%tAuthentication Server:%t%t%21%n%tAuthentication Type:%t%t%22%n%tEAP Type:%t%t%t%23%n%tAccount Session Identifier:%t%t%24%n%tReason Code:%t%t%t%25%n%tReason:%t%t%t%t%26%n |
| 0xB0001910 | 系统已识别新的外部设备。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n类 ID:%t%t%5%n%n供应商 ID:%t%6%n%n兼容 ID:%t%7%n%n位置信息:%t%8 |
A new external device was recognized by the system.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nClass ID:%t%t%5%n%nVendor IDs:%t%6%n%nCompatible IDs:%t%7%n%nLocation Information:%t%8 |
| 0xB0011210 | 已成功登录帐户。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n登录类型:%t%t%t%9%n%n模拟级别:%t%t%21%n%n新登录:%n%t安全 ID:%t%t%5%n%t帐户名称:%t%t%6%n%t帐户域:%t%t%7%n%t登录 ID:%t%t%8%n%t登录 GUID:%t%t%13%n%n进程信息:%n%t进程 ID:%t%t%17%n%t进程名称:%t%t%18%n%n网络信息:%n%t工作站名:%t%12%n%t源网络地址:%t%19%n%t源端口:%t%t%20%n%n详细身份验证信息:%n%t登录进程:%t%t%10%n%t身份验证数据包:%t%11%n%t传递的服务:%t%14%n%t数据包名(仅限 NTLM):%t%15%n%t密钥长度:%t%t%16%n%n创建登录会话时,将在被访问的计算机上生成此事件。%n%n“使用者”字段指示本地系统上请求登录的帐户。这通常是一个服务(例如 Server 服务)或本地进程(例如 Winlogon.exe 或 Services.exe)。%n%n“登录类型”字段指示发生的登录类型。最常见的类型是 2 (交互式)和 3 (网络)。%n%n“新登录”字段指示新登录是为哪个帐户创建的,即已登录的帐户。%n%n“网络”字段指示远程登录请求源自哪里。“工作站名”并非始终可用,并且在某些情况下可能会留空。%n%n“模拟级别”字段指示登录会话中的进程可以模拟到的程度。%n%n“身份验证信息”字段提供有关此特定登录请求的详细信息。%n%t-“登录 GUID”是可用于将此事件与 KDC 事件关联起来的唯一标识符。%n%t-“传递的服务”指示哪些中间服务参与了此登录请求。%n%t- “数据包名”指示在 NTLM 协议中使用了哪些子协议。%n%t-“密钥长度”指示生成的会话密钥的长度。如果没有请求会话密钥,则此字段将为 0。 |
An account was successfully logged on.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nLogon Type:%t%t%t%9%n%nImpersonation Level:%t%t%21%n%nNew Logon:%n%tSecurity ID:%t%t%5%n%tAccount Name:%t%t%6%n%tAccount Domain:%t%t%7%n%tLogon ID:%t%t%8%n%tLogon GUID:%t%t%13%n%nProcess Information:%n%tProcess ID:%t%t%17%n%tProcess Name:%t%t%18%n%nNetwork Information:%n%tWorkstation Name:%t%12%n%tSource Network Address:%t%19%n%tSource Port:%t%t%20%n%nDetailed Authentication Information:%n%tLogon Process:%t%t%10%n%tAuthentication Package:%t%11%n%tTransited Services:%t%14%n%tPackage Name (NTLM only):%t%15%n%tKey Length:%t%t%16%n%nThis event is generated when a logon session is created. It is generated on the computer that was accessed.%n%nThe subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.%n%nThe logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).%n%nThe New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.%n%nThe network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.%n%nThe impersonation level field indicates the extent to which a process in the logon session can impersonate.%n%nThe authentication information fields provide detailed information about this specific logon request.%n%t- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.%n%t- Transited services indicate which intermediate services have participated in this logon request.%n%t- Package name indicates which sub-protocol was used among the NTLM protocols.%n%t- Key length indicates the length of the generated session key. This will be 0 if no session key was requested. |
| 0xB0011250 | 已创建新进程。%n%n使用者:%n%t安全 ID:%t%t%1%n%t帐户名称:%t%t%2%n%t帐户域:%t%t%3%n%t登录 ID:%t%t%4%n%n进程信息:%n%t新进程 ID:%t%t%5%n%t新进程名称:%t%6%n%t令牌提升类型:%t%7%n%t创建者进程 ID:%t%8%n%t进程命令行:%t%9%n%n“令牌提升类型”指示根据用户帐户控制策略分配给新进程的令牌类型。%n%n类型 1 是未删除特权或未禁用组的完全令牌。完全令牌仅在禁用了用户帐户控制或者用户是内置管理员帐户或服务帐户的情况下使用。%n%n类型 2 是未删除特权或未禁用组的提升令牌。当启用了用户帐户控制并且用户选择使用“以管理员身份运行”选项启动程序时会使用提升令牌。当应用程序配置为始终需要管理特权或始终需要最高特权并且用户是管理员组的成员时,也会使用提升令牌。%n%n类型 3 是删除了管理特权并禁用了管理组的受限令牌。当启用了用户帐户控制,应用程序不需要管理特权并且用户未选择使用“以管理员身份运行”选项启动程序时,会使用受限令牌。 |
A new process has been created.%n%nSubject:%n%tSecurity ID:%t%t%1%n%tAccount Name:%t%t%2%n%tAccount Domain:%t%t%3%n%tLogon ID:%t%t%4%n%nProcess Information:%n%tNew Process ID:%t%t%5%n%tNew Process Name:%t%6%n%tToken Elevation Type:%t%7%n%tCreator Process ID:%t%8%n%tProcess Command Line:%t%9%n%nToken Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.%n%nType 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.%n%nType 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.%n%nType 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator. |
| 0xB0011880 | 网络策略服务器已授予某个用户访问权限。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n%n客户端计算机:%n%t安全 ID:%t%t%t%5%n%t帐户名称:%t%t%t%6%n%t完全限定的帐户名称:%t%7%n%tOS 版本:%t%t%t%8%n%t被调用站标识符:%t%t%9%n%t调用站标识符:%t%t%10%n%nNAS:%n%tNAS IPv4 地址:%t%t%11%n%tNAS IPv6 地址:%t%t%12%n%tNAS 标识符:%t%t%t%13%n%tNAS 端口类型:%t%t%t%14%n%tNAS 端口:%t%t%t%15%n%nRADIUS 客户端:%n%t客户端友好名称:%t%t%16%n%t客户端 IP 地址:%t%t%t%17%n%n身份验证详细信息:%n%t连接请求策略名称:%t%18%n%t网络策略名称:%t%t%19%n%t身份验证提供程序:%t%t%20%n%t身份验证服务器:%t%t%21%n%t身份验证类型:%t%t%22%n%tEAP 类型:%t%t%t%23%n%t帐户会话标识符:%t%t%24%n%t日志记录结果:%t%t%t%27%n%n隔离信息:%n%t结果:%t%t%t%t%25%n%t会话标识符:%t%t%t%26%n |
Network Policy Server granted access to a user.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n%nClient Machine:%n%tSecurity ID:%t%t%t%5%n%tAccount Name:%t%t%t%6%n%tFully Qualified Account Name:%t%7%n%tOS-Version:%t%t%t%8%n%tCalled Station Identifier:%t%t%9%n%tCalling Station Identifier:%t%t%10%n%nNAS:%n%tNAS IPv4 Address:%t%t%11%n%tNAS IPv6 Address:%t%t%12%n%tNAS Identifier:%t%t%t%13%n%tNAS Port-Type:%t%t%t%14%n%tNAS Port:%t%t%t%15%n%nRADIUS Client:%n%tClient Friendly Name:%t%t%16%n%tClient IP Address:%t%t%t%17%n%nAuthentication Details:%n%tConnection Request Policy Name:%t%18%n%tNetwork Policy Name:%t%t%19%n%tAuthentication Provider:%t%t%20%n%tAuthentication Server:%t%t%21%n%tAuthentication Type:%t%t%22%n%tEAP Type:%t%t%t%23%n%tAccount Session Identifier:%t%t%24%n%tLogging Results:%t%t%t%27%n%nQuarantine Information:%n%tResult:%t%t%t%t%25%n%tSession Identifier:%t%t%t%26%n |
| 0xB0011881 | 网络策略服务器已拒绝向某个用户授予访问权限。%n%n有关详细信息,请与网络策略服务器管理员联系。%n%n用户:%n%t安全 ID:%t%t%t%1%n%t帐户名称:%t%t%t%2%n%t帐户域:%t%t%t%3%n%t完全限定的帐户名称:%t%4%n%n客户端计算机:%n%t安全 ID:%t%t%t%5%n%t帐户名称:%t%t%t%6%n%t完全限定的帐户名称:%t%7%n%tOS 版本:%t%t%t%8%n%t被调用站标识符:%t%t%9%n%t调用站标识符:%t%t%10%n%nNAS:%n%tNAS IPv4 地址:%t%t%11%n%tNAS IPv6 地址:%t%t%12%n%tNAS 标识符:%t%t%t%13%n%tNAS 端口类型:%t%t%t%14%n%tNAS 端口:%t%t%t%15%n%nRADIUS 客户端:%n%t客户端友好名称:%t%t%16%n%t客户端 IP 地址:%t%t%t%17%n%n身份验证详细信息:%n%t连接请求策略名称:%t%18%n%t网络策略名称:%t%t%19%n%t身份验证提供程序:%t%t%20%n%t身份验证服务器:%t%t%21%n%t身份验证类型:%t%t%22%n%tEAP 类型:%t%t%t%23%n%t帐户会话标识符:%t%t%24%n%t日志记录结果:%t%t%t%27%n%t原因代码:%t%t%t%25%n%t原因:%t%t%t%t%26%n |
Network Policy Server denied access to a user.%n%nContact the Network Policy Server administrator for more information.%n%nUser:%n%tSecurity ID:%t%t%t%1%n%tAccount Name:%t%t%t%2%n%tAccount Domain:%t%t%t%3%n%tFully Qualified Account Name:%t%4%n%nClient Machine:%n%tSecurity ID:%t%t%t%5%n%tAccount Name:%t%t%t%6%n%tFully Qualified Account Name:%t%7%n%tOS-Version:%t%t%t%8%n%tCalled Station Identifier:%t%t%9%n%tCalling Station Identifier:%t%t%10%n%nNAS:%n%tNAS IPv4 Address:%t%t%11%n%tNAS IPv6 Address:%t%t%12%n%tNAS Identifier:%t%t%t%13%n%tNAS Port-Type:%t%t%t%14%n%tNAS Port:%t%t%t%15%n%nRADIUS Client:%n%tClient Friendly Name:%t%t%16%n%tClient IP Address:%t%t%t%17%n%nAuthentication Details:%n%tConnection Request Policy Name:%t%18%n%tNetwork Policy Name:%t%t%19%n%tAuthentication Provider:%t%t%20%n%tAuthentication Server:%t%t%21%n%tAuthentication Type:%t%t%22%n%tEAP Type:%t%t%t%23%n%tAccount Session Identifier:%t%t%24%n%tLogging Results:%t%t%t%27%n%tReason Code:%t%t%t%25%n%tReason:%t%t%t%t%26%n |