Handle Manipulation This policy setting allows you to audit events generated when a handle to an object is opened or closed. ...

Handle Manipulation

This policy setting allows you to audit events generated when a handle to an object is opened or closed. Only objects with a matching system access control list (SACL) generate security audit events.

If you configure this policy setting, an audit event is generated when a handle is manipulated. Success audits record successful attempts and Failure audits record unsuccessful attempts.
If you do not configure this policy setting, no audit event is generated when a handle is manipulated.

Note: Events in this subcategory generate events only for object types where the corresponding Object Access subcategory is enabled. For example, if File system object access is enabled, handle manipulation security audit events are generated. If Registry object access is not enabled, handle manipulation security audit events will not be generated.

Volume: Depends on how SACLs are configured.

Groups assigned to a new logon. New Logon: Security ID: %1 Account Name: %2 Account Domain: %3 Logon ID: %4 Logon GUID: %5 ... Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted ... GUID Substitution} During the translation of a global identifier (GUID) to a Windows security ID (SID), no administratively-defined ... GUID Substitution} During the translation of a global identifier (GUID) to a Windows security ID (SID), no administratively-defined ... Handle Manipulation This policy setting allows you to audit events generated when a handle to an object is opened or closed. ... Handle scavenged. Share Name: %7 File Name: %9 Resume Key: %5 Persistent File ID: %3 Volatile File ID: %4 Durable: %1 Resilient ... Handles storage of structured user data, including contact info, calendars, messages, and other content. If you stop or disable ... Handwriting personalization is currently turned off. You can turn on handwriting personalization in Control Panel, in Tablet ... Handwriting recognition failed to connect to the store of words that were added by the user (the "user lexicon"). Words that ...