Guest Brock Hensley Posted February 6, 2008 Posted February 6, 2008 Source: LsaSrv Event ID: 6033 An anonymous session connected from DESTRUCTOR has attempted to open an LSA policy handle on this machine. The attempt was rejected with STATUS_ACCESS_DENIED to prevent leaking security sensitive information to the anonymous caller. The application that made this attempt needs to be fixed. Please contact the application vendor. As a temporary workaround, this security measure can be disabled by setting the \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\TurnOffAnonymousBlock DWORD value to 1. This message will be logged at most once a day. I've been seeing this lately on a few different servers. Can anyone please explain what exactly it is and if I should be concerned. Thank You, -B
Recommended Posts