积分 729 最后登录 2024-3-28 精华 0 阅读权限 40 主题 99 UID 140565 帖子 1822 PB币 2822 威望 0 贡献 0 技术 22 活跃 1991
UID 140565 帖子 1822 PB币 2822 贡献 0 技术 22 活跃 1991
发表于 2021-12-13 18:50:50
IP属地北京
| 显示全部楼层
主要是这类提示:
Virtualization Based Security for Credential Guard auto enablement status.
Hardware Requirements: 1
Domain Joined: 0
Azure AD Joined: 0
事件 Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="LsaSrv" Guid="{199fe037-2b82-40a9-82ac-e1d46c792b99}" />
<EventID>6150</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2021-12-13T10:30:15.4423997Z" />
<EventRecordID>1317</EventRecordID>
<Correlation />
<Execution ProcessID="1092" ThreadID="1096" />
<Channel>System</Channel>
<Computer>bluesoldman</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="HardwareChecks">1</Data>
<Data Name="ADDomainJoin">0</Data>
<Data Name="AADDomainJoin">0</Data>
</EventData>
</Event>
日志名称: System
来源: LsaSrv
日期: 2021/12/13 18:30:15
事件 ID: 6149
任务类别: 无
级别: 警告
关键字:
用户: SYSTEM
计算机: bluesoldman
描述:
LSA package is not signed as expected. This can cause unexpected behavior with Credential Guard.
PackageName: kerberos
事件 Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="LsaSrv" Guid="{199fe037-2b82-40a9-82ac-e1d46c792b99}" />
<EventID>6149</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2021-12-13T10:30:15.4640153Z" />
<EventRecordID>1319</EventRecordID>
<Correlation />
<Execution ProcessID="1092" ThreadID="1096" />
<Channel>System</Channel>
<Computer>bluesoldman</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="PackageName">kerberos</Data>
</EventData>
</Event>
展开阅读全文​