Security Configuration Editor Disables Object Access Audit (318801)


The information in this article applies to:

  • Microsoft Windows 2000 Server SP1
  • Microsoft Windows 2000 Server SP2
  • Microsoft Windows 2000 Advanced Server SP1
  • Microsoft Windows 2000 Advanced Server SP2
  • Microsoft Windows 2000 Professional SP1
  • Microsoft Windows 2000 Professional SP2
This article was previously published under Q318801

SYMPTOMS

When you are applying a policy, the Security Configuration Editor (SCE) service may disable auditing.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack

The English version of this fix should have the following file attributes or later:
   Date         Time   Version           Size     File name
   -----------------------------------------------------------
   26-Mar-2002  21:59  5.0.2195.4959     123,664  Adsldp.dll
   29-Jan-2002  16:52  5.0.2195.4851     130,832  Adsldpc.dll
   29-Jan-2002  16:52  5.0.2195.4016      62,736  Adsmsext.dll
   26-Mar-2002  21:59  5.0.2195.5201     356,624  Advapi32.dll
   26-Mar-2002  21:59  5.0.2195.4985     135,952  Dnsapi.dll
   26-Mar-2002  21:59  5.0.2195.4985      95,504  Dnsrslvr.dll
   26-Mar-2002  22:00  5.0.2195.5013     521,488  Instlsa5.dll
   26-Mar-2002  21:59  5.0.2195.5246     145,680  Kdcsvc.dll
   22-Mar-2002  15:50  5.0.2195.5246     199,952  Kerberos.dll
   07-Feb-2002  11:35  5.0.2195.4914      71,024  Ksecdd.sys
   02-Mar-2002  13:32  5.0.2195.5013     503,568  Lsasrv.dll
   02-Mar-2002  13:32  5.0.2195.5013      33,552  Lsass.exe
   07-Dec-2001  16:05  5.0.2195.4745     107,280  Msv1_0.dll
   26-Mar-2002  21:59  5.0.2195.4917     306,960  Netapi32.dll
   26-Mar-2002  21:59  5.0.2195.4979     360,208  Netlogon.dll
   26-Mar-2002  21:59  5.0.2195.5221     917,264  Ntdsa.dll
   26-Mar-2002  21:59  5.0.2195.5201     386,832  Samsrv.dll
   29-Jan-2002  16:52  5.0.2195.4874     128,784  Scecli.dll
   26-Mar-2002  21:59  5.0.2195.5258     299,792  Scesrv.dll
   29-Jan-2002  16:52  5.0.2195.4600      48,400  W32time.dll
   06-Nov-2001  11:43  5.0.2195.4600      56,592  W32tm.exe
   26-Mar-2002  21:59  5.0.2195.5011     125,712  Wldap32.dll

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows 2000 Service Pack 3.

MORE INFORMATION

For additional information about how to obtain a hotfix for Windows 2000 Datacenter Server, click the article number below to view the article in the Microsoft Knowledge Base:

265173 The Datacenter Program and Windows 2000 Datacenter Server Product

For additional information about how to install multiple hotfixes with only one reboot, click the article number below to view the article in the Microsoft Knowledge Base:

296861 Use QChain.exe to Install Multiple Hotfixes with One Reboot

NOTE: After you install this hotfix, you may see more security event log messages when policy settings are being made and audited. Because of this, you may need to increase the security log size to prevent premature log wrapping.
Modification Type:MinorLast Reviewed:9/27/2005
Keywords:kbHotfixServer kbQFE kbbug kbenv kbfix kbSysAdmin kbWin2000PreSP3Fix kbWin2000sp3fix KB318801
©2004 Microsoft Corporation. All rights reserved.