Microsoft KB Archive/268169



SMS: Audit of Successful Use of User Rights May Create Multiple Entries in NT Security Log

Article ID: 268169

Article Last Modified on 10/27/2006



APPLIES TO

  • Microsoft Systems Management Server 2.0 Standard Edition
  • Microsoft Systems Management Server 2.0 Service Pack 1
  • Microsoft Systems Management Server 2.0 Service Pack 2



This article was previously published under Q268169

SUMMARY

When you enable success auditing for "Use of User Rights" on Microsoft Windows NT computers, or "Audit privilege use" on Microsoft Windows 2000 computers, numerous entries for the SMSCliSvcAcct& account or the SMS&_DomainController account may be displayed in the security log. These entries appear whenever the local client service account is used on the computer, and they coincide with the 23-hour configuration interval for the Systems Management Server (SMS) Client or with a stop and subsequent restart of the SMS client service.

For additional information about the latest service pack for Microsoft Systems Management Server 2.0, click the following article number to view the article in the Microsoft Knowledge Base:

288239 How to Obtain the Latest Systems Management Server 2.0 Service Pack


MORE INFORMATION

The client service uses the SMS Client Service Account (SMSCliSvcAcct& or SMS&_DomainController) to gain access to Windows NT and Windows 2000 computers. This account exists the entire time that the SMS Client software is installed on the client. This account is automatically created during the SMS client installation. This account must be a local Administrator and have the following rights:

  • LogonAsService
  • ActAsPartOfOperatingSystem
  • ReplaceProcessLevelToken

NOTE: SMS automatically configures the above-referenced account with all of the necessary rights. The absence of these rights affects functionality only; it has no impact on security.
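
A triage sketch for the log noise described above, added here as an example and not part of the original article: it separates privilege-use events for the SMS client service accounts that land on the 23-hour cycle from those that do not. The export layout, the sample rows, the 10-minute tolerance, the choice to measure each gap from the last on-cycle event, and the use of event ID 576 (taken from the title of the article listed under REFERENCES) are assumptions.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample export (time, event ID, account); not real log data.
SAMPLE = """time,event_id,account
2000-07-01 02:00:00,576,SMSCliSvcAcct&
2000-07-01 09:30:00,576,jsmith
2000-07-02 01:00:00,576,SMSCliSvcAcct&
2000-07-02 14:12:00,576,SMSCliSvcAcct&
2000-07-03 00:00:00,576,SMSCliSvcAcct&
2000-07-03 00:05:00,528,SMS&_DC01
2000-07-03 23:00:00,576,SMSCliSvcAcct&
"""

CYCLE = timedelta(hours=23)        # configuration interval stated in the article
TOLERANCE = timedelta(minutes=10)  # assumed slack for scheduling jitter


def is_sms_account(name):
    """SMSCliSvcAcct& on clients, SMS&_<DomainController> on domain controllers."""
    return name == "SMSCliSvcAcct&" or name.startswith("SMS&_")


def triage(export_text, event_id="576"):
    """Split privilege-use events into SMS on-cycle noise, SMS off-cycle, and other."""
    on_cycle, off_cycle, other = [], [], []
    last_on_cycle = {}  # account -> time of its most recent on-cycle event
    rows = sorted(csv.DictReader(io.StringIO(export_text)), key=lambda r: r["time"])
    for row in rows:
        if row["event_id"] != event_id:
            continue
        when = datetime.strptime(row["time"], "%Y-%m-%d %H:%M:%S")
        account = row["account"]
        if not is_sms_account(account):
            other.append((when, account))
            continue
        previous = last_on_cycle.get(account)
        if previous is None or abs((when - previous) - CYCLE) <= TOLERANCE:
            on_cycle.append((when, account))
            last_on_cycle[account] = when
        else:
            off_cycle.append((when, account))
    return on_cycle, off_cycle, other
```

Off-cycle entries for the SMS accounts are the ones to match against a stop and restart of the SMS client service; entries for other accounts are unaffected by the filter and remain in the normal review queue.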

REFERENCES

For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

264769 Event ID 576 Fills the Security Event Log When Auditing


