Event Details
User Activity->Logons->Successful Logons->Windows 2000-2003->EventID 552 - Logon attempt using explicit credentials [Win 2003]
EventID 552 - Logon attempt using explicit credentials [Win 2003]
 Sample: 
        Event Type:     Success Audit
        Event Source:   Security
        Event Category: Logon/Logoff
        Event ID:       552
        Date:           11/2/2009
        Time:           05:47:29
        User:           RESEARCH\CBrown
        Computer:       DC1
        Description:
        Logon attempt using explicit credentials:
        Logged on user:
        User Name:	CBrown
        Domain:		RESEARCH
        Logon ID:		(0x0,0x697DC)
        Logon GUID:	{dfeb6291-cc82-e563-8c57-a370dbf729a4}
        User whose credentials were used:
        Target User Name:	Paul
        Target Domain:	RESEARCH
        Target Logon GUID: {f6956476-dd7a-df4a-1006-c2026f6e3cc3}

        Target Server Name:	localhost
        Target Server Info:	localhost
        Caller Process ID:	884
        Source Network Address:	-
        Source Port:	-
Log Type: Windows Event Log
 Uniquely Identified By:
Log Name: Security
Filtering Field Equals to Value
OSVersion Windows 2003
Source Security
Category Logon/Logoff
EventId 552
Field Matching
FieldDescriptionStored inSample Value
When At what date and time a user activity originated in the system. DateTime 1/1/2000
Who Account or user name under which the activity occured. User Name CBrown
What The type of activity occurred (e.g. Logon, Password Changed, etc.) "Logon with explicit credentials" Logon with explicit credentials
Where The name of the workstation/server where the activity was logged. Computer
Where From The name of the workstation/server where the activity was initiated from. - 10.10.10.10
Severity Specify the seriousness of the event. "Medium" Medium
WhoDomain Domain RESEARCH
WhereDomain -
Result Successful or Failed. "Successful" Successful
Failure Reason "Successful" Successful
Comments
You must be logged in to comment