deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-18 20:03:40 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update event-4776.md

Browse Source 
Change lowercase c to uppercase C in line with other error codes.
This commit is contained in:
Andrew Rathbun
2021-09-08 08:26:18 -04:00
committed by GitHub
parent 0567d14080
commit 8804478981
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
windows/security/threat-protection/auditing/event-4776.md
View File

@ -116,7 +116,7 @@ This event does *not* generate when a domain account logs on locally to a domain
| 0xC0000193 | Account logon with expired account. |
| 0xC0000224 | Account logon with "Change Password at Next Logon" flagged. |
| 0xC0000234 | Account logon with account locked. |
| 0xc0000371 | The local account store does not contain secret material for the specified account. |
| 0xC0000371 | The local account store does not contain secret material for the specified account. |
| 0x0 | No errors. |
> Table 1. Winlogon Error Codes.
@ -150,4 +150,4 @@ For 4776(S, F): The computer attempted to validate the credentials for an accoun
| **User logon from unauthorized workstation** | Can indicate a compromised account; especially relevant for highly critical accounts. |
| **User logon to account disabled by administrator** | For example, N events in last N minutes can be an indicator of an account compromise attempt, especially relevant for highly critical accounts. |
| **User logon with expired account** | Can indicate an account compromise attempt; especially relevant for highly critical accounts. |
| **User logon with account locked** | Can indicate a brute-force password attack; especially relevant for highly critical accounts. |
| **User logon with account locked** | Can indicate a brute-force password attack; especially relevant for highly critical accounts. |