Event ID: 4717

System security access was granted to an account

System security access was granted to an account.

Subject:
    Security ID:        %1
    Account Name:       %2
    Account Domain:     %3
    Logon ID:           %4

Account Modified:
    Account Name:       %5

Access Granted:
    Access Right:       %6
Microsoft Documentation

Event ID - 4717



Generates every time local logon user right policy is changed and logon right was granted to an account.



Name Field Insertion String OS Example
Security ID SubjectUserSid %1 Any DADOMAIN\DaUser
Account Name SubjectUserName %2 Any DaUser
Account Domain SubjectDomainName %3 Any DADOMAIN
Logon ID SubjectLogonId %4 Any 0x3e7
Account Name TargetSid %5 Any DADOMAIN\AnotherUser
Access Right AccessGranted %6 Any View Codes


Lookup Audit Policy Configuration Settings

C:\> AuditPol.exe /get /subcategory:"Authentication Policy Change"
How to enable Windows Auditing



LEFT/RIGHT arrow keys for navigation

Back to List