Event Type:	Success Audit
        Event Source:	Security
        Event Category:	Object Access
        Event ID:	560
        Date:		4/17/2009
        Time:		9:21:27 AM
        User:		NT AUTHORITY\SYSTEM
        Computer:	DCCC1
        Description:
        Object Open:
        Object Server:	Security Account Manager
        Object Type:	SAM_SERVER
        Object Name:	SAM
        New Handle ID:	856224
        Operation ID:	{0,532713543}
        Process ID:	280
        Primary User Name:	DCCC1$
        Primary Domain:	LOGISTICS
        Primary Logon ID:	(0x0,0x3E7)
        Client User Name:	DCCC1$
        Client Domain:	LOGISTICS
        Client Logon ID:	(0x0,0x3E7)
        Accesses:	DELETE 
		READ_CONTROL 
		WRITE_DAC 
		WRITE_OWNER 
		ConnectToServer 
		ShutdownServer 
		InitializeServer 
		CreateDomain 
		EnumerateDomains 
		LookupDomain        
        Privileges:	-