Microsoft KB Archive/263190

= Resetting Password on Domain Controller May Cause Incorrect Audit in Security Event Log =

Article ID: 263190

Article Last Modified on 2/20/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition

-



This article was previously published under Q263190



SYMPTOMS
When you reset a password on domain controllers with certain password policy restrictions, an erroneous audit is logged in the Security event log.

For example, if a domain controller is configured with a policy that requires a password history, an administrator changes a user password, and then changes the password back to its previous value, a &quot;failure&quot; event is logged; however, the password is changed back to its previous value.



CAUSE
The problem is caused by a logic error in the code that is called when a user modifies a password.



RESOLUTION
A supported fix that corrects this problem is now available from Microsoft. Please check the RESOLUTION section of the following Knowledge Base article for information about the fix.

267556 Auditing Does Not Report Security Event for Resetting Password



STATUS
Microsoft has confirmed that this is a problem in Microsoft Windows 2000.



MORE INFORMATION
For additional information about how to install Windows 2000 and Windows 2000 hotfixes at the same time, click the article number below to view the article in the Microsoft Knowledge Base:

249149 Installing Microsoft Windows 2000 and Windows 2000 Hotfixes

Keywords: kbbug kbfix kbqfe kbwin2000presp2fix KB263190

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.