Skip navigation
Menu
Compute Engines

JSI Tip 3207. Windows 2000 Audit Event Id 681 error codes?

In tips 0264, 0441, and 0749, I described Audit Event Ids.

When a down-level client fails a logon attempt, Windows 2000 generates Event Id 681 on the Windows 2000 domain controller.

NOTE: This also happens through a trust to a down-level domain.

The source of the event is Security. These events contain error codes which I will describe.

NOTE: The error codes in the Security Event log message are displayed in decimal.

Error Code     Hexadecimal    
Error Code    		 Cause                    
3221225572       C0000064     User logon with misspelled or bad user account    
3221225578       C000006A     User logon with misspelled or bad password    
3221225583       C000006F     User logon outside authorized hours    
3221225584       C0000070     User logon from unauthorized workstation    
3221225585       C0000071     User logon with expired password    
3221225586       C0000072     User logon to account disabled by administrator    
3221225875       C0000193     User logon with expired account    
3221226020       C0000224     User logon with "Change Password at Next Logon" flagged    
3221226036       C0000234     User logon with account locked    


Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
empty cockpit of autonomous car
What Is a Real-Time Operating System, and Who Needs One?
Mar 05, 2024
ERP button on keyboard
5 ERP Trends to Watch in 2024
Jan 17, 2024
automation key on keyboard
Storage Management as a Case Study for Network Automation Adoption
Dec 21, 2023
Abstract technology concept lighting effect on dark blue background
Top 10 Stories About Compute Engines, Linux in 2023
Dec 18, 2023