Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

EventID not mapping the category right for Win2008 and vista Event

2 views
Skip to first unread message

lilu

unread,
Sep 9, 2009, 2:52:02 AM9/9/09
to
Hi

I installed the ACS collector in Win2008SP1. I find that the eventID is not
mapping right for the category.
EG:
EvevntID 4662 its category should be DS Access,but in the database its
category is Privilege Use. And there are also a lots Win2008 and vista
eventid's category is n/a in the database.

I also open the debug model for the ACS find the log below:
[20090908 233713,164][Debug ]AdtsEvent::MapStrings(): AdtsEvent:






[20090908 233713,164][Debug ] EventId: 4662, SeqNo: 104341, Type: 8,
Category: 4


Anders Bengtsson [MVP]

unread,
Sep 9, 2009, 3:37:41 AM9/9/09
to
Hi,

When I was testing ACS with 2008 AD I had to re-write the ACS reports. I
have a blog post about how to do that at http://contoso.se/blog/?p=288

--

Anders Bengtsson
Microsoft MVP - Operations Manager
www.contoso.se

lilu

unread,
Sep 9, 2009, 4:01:02 AM9/9/09
to
Thanks very much Anders. But do you know why they are not mapping in the
database.
The EventId 4624's Category is n/a in my ACS database.

Anders Bengtsson [MVP]

unread,
Sep 9, 2009, 4:53:28 AM9/9/09
to

As I understood it the default ACS reports are looking at specified event
IDs and they are not the same in 2003 and 2008. Therefore the ACS reports
are not really working with 2008 AD or 2008 servers.
0 new messages