4,608 questions
What does this have to do with configmgr? Eg why do you think configmgr is involved? Have you reviewed configmgr logs? Why do you think it is a problem?
How do i repair this problem
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 66%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETC%3C/text%3E%3C/svg%3E)
Tracy Carter
0
Reputation points
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 2/19/2023 9:29:12 AM
Event ID: 4798
Task Category: User Account Management
Level: Information
Keywords: Audit Success
User: N/A
Computer: Tracys-PC
Description:
A user's local group membership was enumerated.
Subject:
Security ID: SYSTEM
Account Name: TRACYS-PC$
Account Domain: WORKGROUP
Logon ID: 0x3E7
User:
Security ID: S-1-5-21-1917382748-1160900825-415137653-1002
Account Name: Tracy Lee Carter
Account Domain: TRACYS-PC
Process Information:
Process ID: 0x23ac
Process Name: C:\Windows\System32\svchost.exe
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" />
<EventID>4798</EventID>
<Version>0</Version>
<Level>0</Level>
<Task>13824</Task>
<Opcode>0</Opcode>
<Keywords>0x8020000000000000</Keywords>
<TimeCreated SystemTime="2023-02-19T16:29:12.3562799Z" />
<EventRecordID>110661</EventRecordID>
<Correlation ActivityID="{97519a46-4202-0001-bd9a-51970242d901}" />
<Execution ProcessID="936" ThreadID="7928" />
<Channel>Security</Channel>
<Computer>Tracys-PC</Computer>
<Security />
</System>
<EventData>
<Data Name="TargetUserName">Tracy Lee Carter</Data>
<Data Name="TargetDomainName">TRACYS-PC</Data>
<Data Name="TargetSid">S-1-5-21-1917382748-1160900825-415137653-1002</Data>
<Data Name="SubjectUserSid">S-1-5-18</Data>
<Data Name="SubjectUserName">TRACYS-PC$</Data>
<Data Name="SubjectDomainName">WORKGROUP</Data>
<Data Name="SubjectLogonId">0x3e7</Data>
<Data Name="CallerProcessId">0x23ac</Data>
<Data Name="CallerProcessName">C:\Windows\System32\svchost.exe</Data>
</EventData>
</Event>