Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
Windows cannot do loopback processing when the computer is joined to a downlevel domain or is a member of a workgroup. Loopback processing will be disabled.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is the Group Policy loopback processing?
What is the role of Userenv?
As per Microsoft: "Group Policy applies to the user or computer in a manner that depends on where both the user and the computer objects are located in Active Directory. However, in some cases, users may need policy applied to them based on the location of the computer object alone. You can use the Group Policy loopback feature to apply Group Policy Objects (GPOs) that depend only on which computer the user logs on to. Loopback is supported only in a purely Windows 2000 based environment. Both the computer account and the user account must be in Active Directory. If a Microsoft Windows NT 4.0 based domain controller manages either account, the loopback does not function. The client computer must be a Windows 2000 based computer". See ME231287 and ME823862 for more details.
|Private comment: Subscribers only. See example of private comment|
|Links: ME231287, ME823862|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (1) - More links...|
Send comments or solutions
- Notify me when updated