User / Device Claims This policy allows you to audit user and device claims information in the user's logon token. Events ...

User / Device Claims

This policy allows you to audit user and device claims information in the user's logon token. Events in this subcategory are generated on the computer on which a logon session is created. For an interactive logon, the security audit event is generated on the computer that the user logged on to. For a network logon, such as accessing a shared folder on the network, the security audit event is generated on the computer hosting the resource.

User claims are added to a logon token when claims are included with a user's account attributes in Active Directory. Device claims are added to the logon token when claims are included with a device's computer account attributes in Active Directory. In addition, compound identity must be enabled for the domain and on the computer where the user logged on.

When this setting is configured, one or more security audit events are generated for each successful logon. You must also enable the Audit Logon setting under Advanced Audit Policy Configuration\System Audit Policies\Logon/Logoff. Multiple events are generated if the user and device claims information cannot fit in a single security audit event.

Volume: Low on a client computer. Medium on a domain controller or a network server

Default: No Auditing.

User %1 cannot be authenticated with OTP. Ensure that a UPN is defined for the user name in Active Directory. Error code: ... User '[2]' has previously initiated an install for product '[3]'. That user will need to run that install again before they ... User '[2]' has previously initiated an install for product '[3]'. That user will need to run that install again before they ... User / Device claims information. Subject: Security ID: %1 Account Name: %2 Account Domain: %3 Logon ID: %4 Logon Type: %9 ... User / Device Claims This policy allows you to audit user and device claims information in the user's logon token. Events ... User Account Changed: Target Account Name: %2 Target Domain: %3 Target Account ID: %4 Caller User Name: %5 Caller Domain: ... User Account Control is turned on, but you must restart your PC for the change to take effect. How does User Account Control ... User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop. This policy setting ... User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode This policy setting controls ...