The following are some examples when this error may occur:
- M174789 – If you run a Perl script on a "secure" web page, Internet Information Server (IIS) will return this problem. Run one copy of the Perl interpreter for the Anonymous Access section of the web site and another copy of the Perl interpreter for the Secured Access section of the web site.
- M246488 - When a Windows 9x or Windows NT client tries to enroll over the Internet with an Enterprise certification authority (CA) server, this error message may be displayed. This behavior occurs because non-Windows 2000 clients (that is, Windows 95, Windows 98, and Windows NT 4.0) do not support the Kerberos 5 authentication protocol, so they cannot enroll with an Enterprise CA unless the CA and Web server are hosted on the same computer as the domain controller.
- M260338 - When you install Exchange Server 5.5 on a drive other than the system drive on a Windows 2000 Server, this problem may occur if the Everyone group has been removed from the permissions on this drive.
- M277644 - When users try to access shared folders, this issue may occur if users do not have the Bypass Traverse Checking Right to the parent folders of the shared resource. M823908 also covers problems with shared folders.
- M281248 - When you try to map drives or access files on shares from a Microsoft Windows XP Home Edition, the problem appears because in Windows XP Home Edition, all network connections (logons) are mapped through the Guest account. If the Guest account is not enabled, the connection will be denied.
- M279030 - This problem can occur if the Exchange Server 5.5 service account contains extended characters.
- M317471 - When users try to log on the Microsoft Outlook Web Access, this issue occurs if the Authenticated Users group does not have access permissions to the Exchsrvr\exchweb folder.
- M888189 – If you receive this problem when you try to access the event log, verify that the Domain Users group is not a member of the built-in Guests group. By default, the built-in Guests group does not have access to the event logs.
- M889731 – If use a Web application that is running on a Microsoft Windows Server 2003-based computer to read Microsoft Message Queuing public queues that are on a remote Windows Server 2003-based computer, the problem occurs when impersonation is enabled on the Web application. See the article for a hotfix.
See the link to Error code 0xC0070005 for additional information.
This typically occurs when certain services are using accounts that lack the required privileges to perform their task. The challenge in troubleshooting this error is to find the account used in the operation and the type of rights that it requires.
Some of the common issues:
- network operations attempted with local or system accounts
- attempts to move/delete opened files
- on web pages, attempts with anonymous user account to access areas reserved to authenticated users
- user rights changes through inheritance (domain-level group policies)
As per Microsoft: "One of the following has occurred: (1) the file is marked read-only; (2) the resource, such as a file or subdirectory, that you tried to access is in use, or the named pipe, queue, or semaphore is a shared resource in use; (3) you tried to access a resource or to perform an action for which you do not have sufficient privilege; (4) the filename is incorrect.
Do one of the following, then retry the command: (1) use the Attrib command to change the read-only attribute; (2) try to access the resource again later; (3) log on with sufficient privilege (if you do not have sufficient privilege, request it from the administrator who controls access); or (4) correct the filename."
Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.
Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.