Q
Problem solve Get help with specific problems with your technologies, process and projects.

Solving log in problems with Windows XP clients

I Have an issue regarding XP clients not being able to log in. This is caused by a crash on audit when the system event logs are full. The administrator has to log in, clear the logs and go into the Registry to delete the crash on audits, then reboot the system. The user is able to log in after that process. This process goes over and over. Do you have any guidance to correct this problem?

I Have an issue regarding XP clients not being able to log in. This is caused by a crash on audit when the system event logs are full. The administrator has to log in, clear the logs and go into the Registry to delete the crash on audits, then reboot the system. The user is able to log in after that process. This process goes over and over. Do you have any guidance to correct this problem?

I notice that you work at the Navy, which might require that all clients have this setting enabled. If this is the case, there really are limited solutions for you, since your security policy requires this and this is the behavior that is desired: not allowing the client to function if the security log is full. I assume the administrator is archiving the log first, then clearing the log?

One possible solution is to create a background script to control the security log. This will require that the script archive the log, then clean it up. This might not fit into your security policy for the Navy, so be sure to investigate it before you add the script.

Another solution is to disable the crash on audit policy. Unless this client is a high-profile, very security-sensitive computer, there is no need to have this configuration set. Again, I do not know the overall Navy computer security policies, but I was not aware that all clients had to have the crash on audit policy set. To disable this policy for a Windows XP client, Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options, then set the policy "Audit: Shut down system immediately if unable to log security audits."

Dig Deeper on Windows legacy operating systems

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

Close