Event ID - 566

Event Id566
SourceSecurity
DescriptionObject Operation:
      Object Server: <Object Server>
      Operation Type: <Operation Type>
      Object Type: <Object Type>
      Object Name: <Object Name>
      Handle ID: <Handle ID>
      Primary User Name: <Primary User Name>
      Primary Domain: <Primary Domain>
      Primary Logon ID: <Primary Logon ID>
      Client User Name: <Client User Name>
      Client Domain: <Client Domain>
      Client Logon ID: <Client Logon ID>
      Accesses: <Accesses>     

Event InformationThis is not an error.This event will be generated if you enable auditing for "DirectoryService access failures" and SACL on this object also has an entry which audits failed "write-access" / "extended write" access.
You can edit this objects SACL in Active DirectoryUsersAndComputers [Go to ADU&C, enable Advanced Feature then go to Properties-Security-Advanced-Auditing].All DirectoryService auditing can be disabled by applying GroupPolicy.
Reference LinksAlternate Event ID in Vista and Windows Server 2008 is 4662.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh